Check Point Email Security | Blog

Ransomware in Healthcare Skyrockets: What You Need to Stay Safe

Written by Jeremy Fuchs | May 20, 2021

The Irish health care system is under attack—and not because of COVID-19.

Last week, a sophisticated ransomware attack—described as "heinous" by Irish Prime Minister Micheál Martin—hit the country, affecting over 2,000 patient-facing IT systems and 80,000 devices. Thousands of appointments, cancer treatments and surgeries have been delayed or canceled. The Irish are rebuilding the affected applications from scratch, a process that will cost millions of dollars and take weeks. According to the Associated Press, Conti, a Russian-speaking ransomware group, is demanding $20 million. The Irish have said they will not pay.

This, of course, is not a new phenomenon. In 2020, according to one estimate, at least 91 healthcare organizations in the US suffered ransomware attacks, a 45% increase over 2019. One attack on the University of Vermont Health Network was costing $1.5 million a day in recovery costs and lost revenue.

And it's a worldwide phenomenon. In February, two hospitals in France were hit by ransomware and were forced to postpone surgeries. A ransomware attack in Germany last year caused an IT failure and led, indirectly, to the death of a woman.

The implications are dire. For example, one study found that data breaches not only reduce the quality of care, but actually increase the 30-day mortality rate, not just in the immediate aftershocks, but up to two years later.

This is all part of a ransomware pandemic in healthcare. Healthcare organizations hold incredibly valuable personal data, from medical records to social security numbers to credit cards to addresses. This is a gold mine for hackers and they're targeting it.  

Plus, healthcare organizations are largely underprepared for such attacks.

Some 87% of organizations say they don’t have the proper personnel in place to defend against such attacks, an increase of more than 10% from 2017. Another study found that 32% of hospital personnel haven’t received proper security training; 52% of businesses believe that they are at risk due to the lack of employee awareness.

Only 18% of healthcare organizations have dedicated 7% or more of their IT budget to security; 41% have dedicated less than 3%.

Attacks on healthcare organizations are skyrocketing and not enough is being done by those organizations to protect themselves. Some organizations are so overwhelmed that EY is recommending adding an additional external Incident Response provider to ease the burden. 

Data + accessibility = more attacks.

Consider the story of a clinical research organization in the Southeast. Initially using Proofpoint, they were being bombarded with attacks, a serious problem given the incredibly sensitive data they held. It was so bad that the IT department had to manually send email warnings, instructing employees not to click on the malicious links that had recently reached their inboxes. The constant need to monitor and react to missed attacks was both time-intensive and a high-profile reminder to everyone that IT had not yet solved the phishing problem.

Upon deploying a trial with Avanan, things changed for the better. On the first day, Avanan caught a whaling attack targeted at the CEO. It had bypassed both Proofpoint and Microsoft. "It was a game-changer," the IT Director said.

Ransomware is everywhere. It's not going to stop in healthcare. If you're in healthcare, you need to bolster your defenses.

Read our whitepaper on the Phishing Pandemic in Healthcare and learn how Avanan keeps your healthcare organization safe.