UnitedHealth CISO: Ransomware ‘an existential risk to the delivery of care’

As part of the HIMSS Healthcare Cybersecurity Forum virtual event December 6-7, Aimee Cardwell, the chief information security officer for the UnitedHealth Group at Optum Technology, will dig into the subject of ransomware in an educational session entitled “Ransomware: Today’s Threat Landscape.” Optum Technology is UnitedHealth Group’s IT and services subsidiary.

Ransomware continues to expose the vulnerabilities in the global network from the government to infrastructure to hospitals. In this session, Cardwell will discuss the current threat landscape and the ransomware to watch out for.

In a sneak-peek of the session, Healthcare IT News interviewed Cardwell to get her to explain the cybersecurity landscape and some of the best defenses against ransomware.

Q. What is the current threat landscape for healthcare organizations?

A. We see three major categories of threat. First, ransomware. According to the Wall Street Journal, ransomware has become the most lucrative form of malware globally, generating $350 million in 2020, while causing over $20 billion in damages and downtime over the same period.

The healthcare industry makes up 11.6% of all ransomware attacks. As an example, Ireland’s Health Service Executive is responsible for healthcare and social services across Ireland. They were attacked with ransomware that caused a shutdown of all IT systems. Eight weeks after the attack, services were still only 90% recovered.

Second, zero-day vulnerabilities. These refer to a vulnerability in a system or device that has been discovered but is not yet patched. You may recall hearing about PrintNightmare, which took advantage of a zero-day vulnerability in Microsoft’s print spooler, allowing a user on the network to gain elevated access on any system with print capability.

And third, supply chain attacks. These involve tampering with the digital infrastructure of a company’s software to install undetectable malware to bring harm to organizations further down the supply chain network. You may remember reading about Kaseya, a software provider that provides remote management monitoring, which was the victim of an attack by the REvil ransomware group over the Independence Day weekend this…