In 2020, healthcare providers experienced the most ransomware attacks in the past five years, with hackers collecting more than $2.1 million in ransom payments, according to an annual report by Comparitech.
While most industries are exposed to cyber crime, the healthcare industry is particularly vulnerable and carries the additional burden, and legal obligation, of protecting patient information. For that reason, cybersecurity for medical practices takes on additional urgency and responsibility.
The cyber weapon of choice these days is ransomware, which is a type of malicious software that encrypts a user’s files, making them impossible to access without a digital key. In exchange for that key, a user must pay a ransom to release the data and/or systems that are being held hostage.
In 2020, ransomware attacks cost the healthcare industry $20.8 billion in downtime, a 100% increase from the prior year, according to the Comparitech report. There were a total of 92 ransomware attacks at healthcare organizations that affected more than 600 clinics, hospitals and allied organizations, and more than 18 million patient records were affected, a 470% increase from 2019, according to the report.
Healthcare organizations are often targeted by bad actors – especially during the pandemic – because they cannot operate safely without patient records and information.
Fending Off Bad Actors
First and foremost, cybercriminals look for easy prey – companies and organizations that have legacy technology infrastructures and outdated cybersecurity systems. If that describes your practice, the time is now to invest in a system upgrade.
But the very nature of cybercrime requires that organizations remain vigilant at all times to different and innovative ways bad actors conduct successful breaches. Here are four additional ways to stay ahead of ransomware and create a layered defense system:
- Network and App Isolation. Make sure no workstation in your practice links directly to your data center, and that no one other than your cybersecurity team has direct access to it. Access to your EHR should always be through an internet browser, and users should never be allowed to mass export data.
- Select an Operating System Not Used by Most Ransomware Attackers. It seems that most ransomware uses Microsoft Windows code. However, an open-source operating system such as Linux is much more secure because new code cannot be added to the existing code, nor can the existing code be changed.
- Two-Factor Authentication. Also known as 2FA, two-factor authentication adds an extra layer of security to users' accounts to prevent someone from logging in, even if they have your password. This extra security measure requires users to verify their identity via a telephone call or a randomized 6-digit code sent via SMS text or email each time they attempt to log in.
- Data Backup and Storage. If you store data on a local area network (LAN), make sure one server is off site and receives instantaneous data updates; cyber attackers will not be able to access this data. Automated nightly off-site backups are recommended, with a version-control system so there is no danger of ransomware-encrypted files overwriting backups.
Although cloud-based EHRs are a relatively new technology, experts say the data is more difficult to destroy because of the multiple, redundant backups kept in multiple distant locations. Storage of data on local networks typically is not recommended unless a practice employs IT professionals to monitor security, server integrity and employee practices.
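As an added illustration of the versioned-backup point above (example code written for this page, not part of the original article or of any product it mentions), the Python below models an append-only snapshot store and a simple check that picks the newest backup in which no file looks encrypted. The patient records and the "encrypted" blobs are constructed placeholders, and the entropy threshold and extension allow-list are assumptions a practice would tune for its own file types.

```python
import math

# Constructed clinic records (placeholder data, not real patients) used as the "clean" state.
CLEAN_FILES = {
    "records/patient_001.txt": b"Name: Jane Doe\nDOB: 1970-01-01\nVisit: 2020-03-04 flu shot\n",
    "records/patient_002.txt": b"Name: John Roe\nDOB: 1965-05-05\nVisit: 2020-03-05 follow-up\n",
}
# What the same files look like after ransomware: near-random contents and a renamed extension.
ENCRYPTED_FILES = {
    "records/patient_001.txt.locked": bytes(range(256)) * 4,
    "records/patient_002.txt.locked": bytes(reversed(range(256))) * 4,
}

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: plain text sits around 4-5, ciphertext approaches 8."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def looks_encrypted(path: str, data: bytes) -> bool:
    """Flag a file as suspect if its contents are near-random or it carries an extension we never store."""
    return entropy(data) > 7.0 or not path.endswith((".txt", ".pdf", ".csv"))  # assumed allow-list

class VersionedBackup:
    """Append-only snapshot store: each backup run adds a version and never rewrites an earlier one."""
    def __init__(self):
        self._versions = []  # list of (label, {path: bytes})
    def snapshot(self, label: str, files: dict) -> int:
        self._versions.append((label, {p: bytes(d) for p, d in files.items()}))
        return len(self._versions) - 1
    def restore(self, index: int) -> dict:
        return dict(self._versions[index][1])
    def latest_clean_version(self):
        """Newest version in which no file looks encrypted, or None if every version is suspect."""
        for idx in range(len(self._versions) - 1, -1, -1):
            _label, files = self._versions[idx]
            if not any(looks_encrypted(p, d) for p, d in files.items()):
                return idx
        return None

def simulate_nightly_backups() -> tuple:
    """Night 1 backs up clean records; night 2 backs up the encrypted state. Returns (store, clean_idx)."""
    store = VersionedBackup()
    store.snapshot("night-1", CLEAN_FILES)
    store.snapshot("night-2", ENCRYPTED_FILES)  # an overwrite-in-place backup would have lost night-1 here
    return store, store.latest_clean_version()
```

Calling `simulate_nightly_backups()` returns version 0 as the last clean snapshot, and `restore(0)` yields the original records even though the most recent backup run captured only encrypted files.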
Is Your Practice At Risk?
Cybersecurity is a broad and complex challenge that all healthcare providers are facing in the digital age. Your best protection is to mitigate risk with a multi-faceted cybersecurity protection plan.
Luckily, you do not have to face this challenge alone. Work with your current service providers to craft a strong cybersecurity strategy, and even consider hiring an IT provider to assist. At the very least, be sure to evaluate and grade the cybersecurity of your practice so that it is never breached and your patient data held hostage.