The incidence of malware attacks is rising, with healthcare being the biggest target for bad actors. While the FBI made headlines earlier this year for taking down Qakbot, a major malware network, the American Hospital Association cautioned healthcare organizations that other malware threats still remain.^1,2 Rick Bryant, Healthcare Chief Technology Officer at Veritas Technologies, LLC, would like to say the worst is behind the industry, but he pointed out that the frequency, nature and increasing severity of these threats means that hospitals and health systems remain vulnerable.

“Everyone is highly focused on ransomware – especially with the increase in ransomware attacks in late 2019,” he explained. “And because of the nature of healthcare’s security systems and the vast amounts of data we are responsible for, cyber attackers continue to focus on the healthcare industry.”

The consequences of such an attack go beyond just the potential ransom payment, according to Bryant. Provider organizations must contend with the cost of remediation, brand damage and fines. And, today, they may also face patient lawsuits.

“Patients have begun to file class action suits against hospitals and ask for damages for their lost data. Patients are now working to hold healthcare organizations accountable,” he said. “One of the things these lawsuits are focusing on is whether organizations have the tools in place to detect and deal with any breaches rapidly. Sadly, far too many don’t — and they are going to be held to a much higher standard moving forward.”

Unfortunately, despite knowing that it’s a matter of when, not if, an attack occurs, most healthcare organizations currently spend very little of their information technology budget on cybersecurity, said Bryant. Although many stated they would be increasing cybersecurity spend for the following fiscal year, Bryant said that recent HIMSS Market Insights research sponsored by Veritas suggests healthcare’s lag may not just be a monetary issue. There are also issues with the way larger hospitals perceive cyber-related risk.

“In this survey, we found that there is a vast difference in perceptions of cyber resiliency and status across hospitals. Organizations with a billion dollars or more of net patient revenue believe they are safe and are doing all they can to protect themselves,” Bryant said.

“Organizations under that revenue level report knowing they have gaps.³ It’s an interesting dichotomy to me, because the organizations with the funds to become more resilient are not as informed as they should be about the risks and how the threat landscape is evolving.”

An experienced vendor partner, however, can help organizations become more secure by providing the necessary tools to protect, detect and remediate malware threats.

“Staying resilient in the face of an evolving threat landscape takes a combination of having good outward perimeter security and a well-educated staff – but you also need real-time detection for anything that might get through that outer barrier so you can detect, contain and remediate the issue before it becomes a huge problem,” he said. “We’ve now advanced to where any 12-year-old with a Bitcoin account can access ransomware tools and launch an attack. Hospitals need to determine their resiliency needs and move to achieve their cybersecurity goals so they can take a stronger defensive posture and detect these attacks as early as possible.”

References

1. Bajak, F. and Dazio, S. 29 August 2023. FBI and European partners seize major malware network in blow to global cybercrime. Associated Press. https://apnews.com/article/cybercrime-malware-fbi-takdown-ce415e9ea0f11d31e6cf3e401a264d3c.
2. American Hospital Association. 31 August 2023. Government disrupts Qakbot cyberthreat; hospitals urged to remain on guard. https://www.aha.org/news/headline/2023-08-31-government-disrupts-qakbot-cyberthreat-hospitals-urged-remain-guard.
3. HIMSS Market Insights. September 2023. Data Management and Cyber Resiliency.