Rural US Hospitals Losing Battle Against Ransomware

Hospitals in rural areas of the United States are being increasingly targeted by ransomware (opens in new tab) threat actors, experts said at a Senate hearing on Thursday this week. Per Cyberscoop, the most pressing sentiments shared at the March 16 Senate Homeland Security and Governmental Affairs Committee hearing were that healthcare organizations in these areas are attractive targets due to their lack of qualified cybersecurity staff and other resources, such as staff.Witnesses did say that, however, that private industry groups and federal government agencies, such as the Cybersecurity and Infrastructure Security Agency (CISA), are supplying the industry with plenty of information on how to address the growing problem of ransomware.
Going after data
Kate Pierce, senior virtual information security officer at cybersecurity firm Fortified Health Security, asked for more funding for healthcare organizations, so as to be more capable at putting theory into practice.“We also saw cybercriminals shift their focus to small and rural hospitals with this group lagging behind in strengthening their defenses,” Pierce said. “Our rural hospitals are facing unprecedented budget constraints with up to 30% or more in the red, with the public health emergency scheduled to end in May.”By nature, healthcare providers generate a lot of data on their customers, many of which are extremely sensitive (information regarding a person’s health and illness history, payment details, employment status, etc.). As such, they’re an important target for ransomware operators and data thieves.Just this week, high-profile cyberattacks against two healthcare providers were revealed, with Independent Living Systems (ILS) leaking more than 4.2 million user records, and hardware and software company Zoll Medical having records belonging to over a million customer and employees stolen.Via: Cyberscoop (opens in new tab)
Rural US Hospitals Under Attack from Ransomware
Ransomware is a type of malware that encrypts computer files, making them inaccessible to the owner. The attackers demand a ransom, typically paid in bitcoin, in exchange for the decryption key. Rural US hospitals are facing an increasing onslaught of ransomware attacks. A report by the Cybersecurity and Infrastructure Security Agency (CISA) shows that there were 63% more ransomware attacks on healthcare institutions in 2019 than in the previous year, and the trend appears to be continuing.
The Impact of Ransomware Attacks
The impact of ransomware attacks on rural US hospitals can be devastating. Patient data can be stolen or locked up, preventing treatment and causing delays in care. Operations can be disrupted, leading to cancelled appointments and procedures, and financial losses can be huge. Many rural hospitals struggle with limited budgets and resources, making them particularly vulnerable to these types of attacks.
Why are Rural Hospitals Targets?
Ransomware attackers often target vulnerable organizations that have outdated software, poor cybersecurity protocols, and limited IT resources. Rural hospitals often fall into this category, making them attractive targets. They also tend to have a high reliance on electronic medical records systems, which can be particularly vulnerable to attack. Additionally, many rural hospitals serve as critical components of their local communities and have limited backup options.
What Can be Done to Address the Issue?
Preventing ransomware attacks requires a combination of strong cybersecurity protocols and vigilant employee training. Hospitals need to back up their data regularly and ensure that they are running the latest software updates. They should also work with IT security experts to conduct regular vulnerability assessments and penetration testing to identify potential threats to their systems. Employee education is equally important, with staff trained on how to spot phishing emails and suspicious attachments.
FAQ
Q: What is ransomware?
A: Ransomware is a type of malware that encrypts computer files and demands a ransom in exchange for the decryption key.
Q: Why are rural US hospitals particularly vulnerable?
A: Rural US hospitals often have limited budgets, resources, and IT support, making them attractive targets for ransomware attackers.
Q: How can hospitals prevent ransomware attacks?
A: Hospitals can prevent ransomware attacks by backing up their data regularly, ensuring software updates are current, conducting vulnerability assessments, and providing employee education and training.
Q: What is the impact of ransomware on hospitals?
A: Ransomware attacks on hospitals can disrupt operations, cause patient data to be lost or locked up, and result in financial losses.