Affecting many different sectors in the business world, digital transformation not only automates workflow and increases productivity, but also creates a series of cyber attack risks. The use of IT systems by institutions in matters such as process automation, system integration, and data sharing causes an increase in the number of attack vectors, which in turn results in larger attack surfaces. As a result, institutions face significant cybersecurity challenges that they have to deal with.
Health institutions are not an exception in terms of cyber threats and data security breaches. On the contrary, healthcare is one of the industries most commonly exposed to cyber threats. Hospitals and various healthcare facilities are frequently targeted by hackers due to the medical data stored there. How do health institutions act, then, in such situations and how should they act?
The 2022 report by Sophos reveals how ransomware attacks and payouts for these attacks vary on a sectoral basis. According to the report, ransomware attacks targeting global health institutions increased by 94% in 2021. Moreover, the rate of those who chose to pay ransom among the targeted health institutions almost doubled.
The report shows that two in three global health institutions faced ransomware attacks by hackers in 2021, up from one in three in 2020. On the other hand, while only 34% of the health institutions attacked in 2020 paid the attackers, this rate increased to 61% in 2021. It is also important to note that only 2% of the institutions participating in this research were able to get all their data back after paying the ransom.
To elaborate on the subject a little more, the report states that the average cross-sectoral cyber-attack volume is 57% while the complexity is 59%. The percentage of health institutions hit by ransomware is 69% while the complexity is 67%. In addition, the global average of cyber-attack impact is 53% while this rate increases to 59% in the healthcare sector. With this rate, the healthcare industry comes in second place globally.
Additionally, health institutions pay an average of $1.85 million for a week-long ransomware attack. This causes health institutions to rank second in ransom payments and data recovery costs.
In the age of globalization, many health institutions face serious access security problems against cyber threats. For example, Omnicell, a multinational health technology company, was hit by these attacks in May 2022. In a written statement, the company stated that they were hit by ransomware, which resulted in a data breach compromising all their internal systems.
Stating that the company's quarterly 10-Q files were compromised through a ransomware attack, Omnicell announced that sensitive data stacks within the company became vulnerable to potential cyber-attacks. The Omnicell case, however, was not the first ransomware attack targeting health institutions in the United States this year. Oklahoma City Indian Clinic (OKCIC) also reported that they were attacked by ransomware and the medical data of 40,000 people was stolen.
In addition, it should be noted that cyber attackers target not only hospitals and health units, but also private institutions providing health services. ARcare, a health institution serving Arkansas, Kentucky, and Mississippi, announced that they experienced a data breach involving the personal data of potentially 345,000 people.
Reporting a data security incident on February 24, 2022, which adversely affected computer systems and caused a temporary interruption in health services, ARcare launched an investigation to secure the IT infrastructure and determine the cause of the attack. On March 14, after the investigation, it turned out that a hacker had access to the entire IT network of ARcare from January 18, 2022, to February 24, 2022.
As a result of this cyber attack, the names, social security numbers, driver's license numbers, state identification numbers, dates of birth, financial account information, medical treatment information, prescription information, medical diagnosis information, and health insurance information of 345,000 people were exfiltrated from the ARcare databases. ARcare stated that they were unaware of any misuse of the stolen data.
Health institutions need to find a balance between providing high-quality health services, implementing an advanced cyber-security protocol, and protecting patient data in the best possible way.
Patient data and protected health information are among the first elements defined as sensitive data by governments and international regulations. Aware of the value of the data, cyber attackers do not hesitate to target health institutions.
So, what can health institutions do to properly preserve patient data, provide secure access, and avoid paying ransom after an attack? We can find answers to this question in just eight steps.
Health institutions can take advantage of Privileged Access Management practices to avoid paying ransom for ransomware attacks. Single Connect is the perfect fit for protecting health institutions against ransomware attacks when it comes to data and access security over privileged accounts. Kron’s Single Connect was also featured in the Privileged Access Management (PAM) reports prepared by Gartner, KuppingerCole and Omdia, which take a snapshot of the Privileged Access Management industry.
If you want to explore the advantages of Single Connect to protect your health institution against ransomware attacks, you can check our PAM solutions in detail, and contact our team to learn more about Single Connect.