Experts Predict Spike in Ransomware, Extortion Attempts on Healthcare Orgs in 2018

According to a new report from McAfee, ransomware will continue to be the foremost threat to the cybersecurity of healthcare organizations in the new year.

This year’s McAfee Labs Threats Predictions Report delivered some good news to the global cybersecurity community. The number of known ransomware families steadily declined from 64 in May, when the notorious WannaCry attack occurred, to 35 at the end of October. And while total ransomware increased by 56% over the year leading up to the report’s release, McAfee found that the number of parties successfully extorted by hackers actually declined.

In spite of these advances, however, ransomware remains the number one cybersecurity threat for healthcare organizations. “The healthcare sector has probably suffered more than most in terms of ransomware,” explains McAfee Chief Scientist Raj Samani. “What we’re seeing today is the broken proliferation of ransomware — which really started in healthcare.”

Despite the fact that many professionals in the space have spent years battling ransomware, many healthcare IT teams continue to struggle with securing their data. This is largely due to the constant evolution of ransomware, especially those variations used to attack high-value targets like hospitals and medical research facilities.

The Rise of Cybersabotage

According to the McAfee report, “The WannaCry and NotPetya ransomware outbreaks foreshadow a trend of ransomware being applied in new ways, in pursuit of new objectives, becoming less about traditional ransomware extortion and more about outright system sabotage, disruption, and damage.”

This pivot from traditional extortion to disruption and destruction, or “cybersabotage,” as the report calls it, represents a grave threat to healthcare everywhere. Internet of Things-connected devices are playing a more substantial role in modern hospitals — one study indicated that 40% of all IoT devices will be healthcare-related by 2020. Hackers could threaten to disrupt these devices and harm thousands of patients. From blood pressure meters and heart rate monitors to ventilators and SmartBeds, cybercriminals now have the power to hijack both highly-valuable patient data and life-saving medical equipment.

The Unique Challenges of Healthcare Cybersecurity

Unfortunately, healthcare organizations face unique challenges that make them particularly susceptible to cybersabotage, especially large entities like major hospital networks.

For instance, these organizations are highly regulated by legislation like HIPAA that penalizes parties for failing to prevent the theft of valuable private medical data, giving them additional incentive to bow to cybercriminals’ demands. In 2016 alone, healthcare organizations paid out a collective $22.84 million in HIPAA violation settlements, a figure that is likely to be even higher for 2017 once the final numbers are tallied.

Cybercriminals are unlikely to ignore healthcare organizations’ desire to avoid these kinds of costly violations. As National Health Information Sharing and Analysis Center President Denise Anderson points out, “Ransomware will continue to…evolve, not just to encrypting data, but also to blackmailing data owners based on the content of the data.”

Forging a Way Forward

Healthcare organizations have a simple way of combating the ongoing threat posed by ransomware: make robust cybersecurity a priority. Small organizations tend to lack either the resources or wherewithal to design, implement, and maintain strong cybersecurity measures, but aren’t as valuable targets for would-be healthcare hackers. Larger, better-provisioned organizations are the real prize for cybercriminals, and yet they often take a reactive, unfocused approach to cybersecurity.

This is especially disheartening considering that it doesn’t actually take all that much to make substantive improvements to an organization’s cybersecurity. According to the Ponemon Institute, a measure as simple as creating an on-call incident response team reduces the cost of a data breach by $12.60 per record.

Perhaps most critical, however, is finding the right cybersecurity partner. At Turn-key Technologies (TTI), we have over two decades of experience helping healthcare organizations build and secure the kind of powerful networks required to practice truly modern medicine. As ransomware continues to threaten the private data and physical wellbeing of patients across the country, the network security — and peace of mind — offered by experts like TTI will only become more valuable to healthcare organizations of all sizes.

By Craig Badrick


Sign up for the TTI Newsletter