"Healthcare is getting hammered,” says Thomas Norman, technology consultant, Ingram Micro. Ransomware is a fast-growing, highly profitable business, and it’s an epidemic in healthcare. Eighty-eight percent of all ransomware detected in the second quarter of 2016 was in the healthcare industry, according to Healthcare Informatics.
Criminals have embraced the principles of rapid innovation too. In the first half of this year, threat actors developed some 80 new families of ransomware—a 172 percent increase over all of last year, according to Trend Micro. And with ransomware as a service, it’s data kidnapping for hire.
A Crime That Pays
“Criminals are making piles of money,” says Norman. “Depending on the configuration of the IT system, ransomware is capable of taking everything down in a hospital, including medical devices and communications. It puts critical-care units into jeopardy. They will pay and pay fast.”
The danger usually begins when a user clicks a malicious link in an email or visits a compromised website. If the system becomes infected, the ransomware can encrypt its data or spread to other systems on the hospital’s network to do its dirty work. To get the data back, the victim needs to pay (in Bitcoin, of course). The ransom may be tens of thousands of dollars or more, but many healthcare providers would rather cave to extortion than compromise care. Even if they pay, there’s potential for unseen, lasting damage beyond an interruption in care: any patient data stolen during the attack can also be used for insurance fraud.
The dire situation isn’t lost on the U.S. government, which recently declared that a ransomware attack requires a breach notification under HIPAA. “The potential liability to a hospital is massive,” notes Norman.
How to Help Healthcare Clients
As a solution provider, you can help hospitals and other healthcare providers stop the ransomware epidemic. Healthcare organizations urgently need best-in-class IT security programs, but skilled IT security professionals are in high demand—and expensive to hire.
“Every IT integrator should mount up a security solution for their clients that is capable of dealing with advanced persistent threats and advanced malware,” advises Norman. “Those who don’t will almost certainly lose significant amounts of business to companies that can.”
Solution providers can help healthcare clients take proactive steps against ransomware, including:
- Encrypt all data. All data should be encrypted, whether at rest or in transit.
- Take backups that aren't immediately accessible to ransomware. Real-time mirrored backup is no longer sufficient, because the mirrored file can be encrypted by ransomware. Backup snapshots should be taken at least once a day and stored offline. Add a full executable backup to the weekly schedule.
- Require security training for all users. Everyone, from the hospital staff to volunteers, should have a refresher course in security practices with a special emphasis on the dangers of spam and spearphishing.
- Segment the network. Create separate and distinct network segments, such as for critical care, operating theaters, biomedical devices and guests, so it’s harder for malware to spread across the enterprise.
- Investigate enterprise-class ransomware solutions. Large hospitals should consider cloud-based ransomware protection services for advanced protection.
Ingram Micro can help solution providers develop an IT security solution set that will protect their customers against advanced security threats. With Ingram Micro training and professional services, solution providers can extend their reach and expertise without having to build a bench of IT security specialists.
There’s no time to hesitate. The cost to mitigate an attack, coupled with compliance penalties, can truly drive a healthcare provider out of business. “The threats have changed from something that solution providers and end users should care about to something that they must attend to because the threats have become imminent,” says Norman.