Hospitals Are Ready-Made for Ransomware
Healthcare systems should prepare for a ransomware attack with the assumption - and the urgency - that they are already being targeted
The harsh reality is we should expect more ransomware attacks against hospitals and health systems in the future. The culprits are highly organized bad actors after a treasure trove of data that lives in healthcare environments, much of which is critical to patient care. They know that when lives are at stake, their targets will pay up to protect them.
There is another contributor to the current rise in ransomware and healthcare breaches in general: the way hospital technology environments are designed and connected, and the way they communicate with each other. Traditionally, a more siloed approach to securing different parts of a hospital or health system has been the norm. It’s just the way hospitals have been built and expanded. In addition, the rise of electronic health records (EHRs) – which share data across hospitals, clinics and devices – has led to increased attacks against hospitals.
Following these recent ransomware attacks, security industry leaders and even a cadre of expert volunteers quickly provided guidance on how to protect patients and their data. Overlooked in some of these good intentions is the unique nature of the healthcare IT environment, which is not segmented the way environments in other industries are – meaning it is significantly harder to contain a breach to a single system or location. Moreover, these disparate entities are connected and often not segmented, so an intruder can move laterally with ease. Yet no security tools have existed to allow the security team to track that lateral movement, as the environments aren’t communicating with each other from a security standpoint. This “visibility gap” has always existed in healthcare, and now attackers are leveraging it to launch ransomware attacks with alarming frequency.