Guarding Patient Trust: Healthcare’s Battle Against Ransomware Threats
The global healthcare industry has more to worry about than just treating patients. The ever-growing risk of ransomware is a major threat currently facing the entire sector, compromising confidential patient data, and disrupting the crucial services it provides.
“With ransomware accounting for 54% of all cybersecurity threats in the healthcare industry, the chances of a successful breach are higher than ever,” explains Andrew Hollister, Chief Information Security Officer (CISO), LogRhythm. “A recent example of how threat actors are targeting the industry can be seen in the attack on Barts Health NHS Trust. The Trust, which runs five London-based hospitals and serves more than 2.5m patients, was breached by the ALPHV ransomware gang. This resulted in it compromising 70 terabytes of sensitive data, including National Insurance numbers, financial data, and insurance agreements.”
Healthcare security teams are faced with a challenging, but vital role. There is a growing need for comprehensive detection and response solutions within healthcare to overcome the threats posed by ransomware attacks.
Here, Hollister tells us more.
Healthcare under attack
The healthcare industry is a top target for hackers due to the vast amount of people that rely on its services on a global scale. Threat actors can hold healthcare service providers at ransom for large pay-outs leaving them with little other option than to give in to their demands.
“The introduction of more connected Internet of Things (IoT) medical devices plays a part in advancing the patient experience, but also broadens the attack surface for cybercriminals. With access to hospital IT systems, threat actors can easily steal a huge range of important personal data from patients and employees alike,” Hollister explains. “Further to this, the challenges caused by the expanding threat landscape are amplified by tight budgetary constraints within the public sector. Funding limitations leave many healthcare institutions in the difficult position of having to juggle their investment priorities between cybersecurity and direct healthcare provisions.”
The level of data that some criminals can access has the…
