The CyberPeace Institute recently released new data on the number and rate of cyberattacks on the healthcare sector. Between June 2, 2020, and December 3, 2021, there were 295 distinct cyberattacks on the healthcare sector. Of those, 263 were either confirmed ransomware attacks (165) or suspected of involving ransomware (98). The incidents occurred in 33 different countries, at a rate of 3.8 incidents per week.
In the past 18 months, at least 39 different ransomware groups have carried out ransomware attacks on the healthcare sector. The attacks were distributed across the following areas:
- Patient Care Services: 179
- Pharma: 35
- Medical Manufacturing and Development: 26
- Other Medical Organizations: 23
The CyberPeace Institute said that some threat actors have specifically targeted the healthcare sector. In one example, a member of the Groove ransomware operation was actively seeking initial access brokers who could provide access to healthcare networks. Based on data from a data leak site, Groove had the highest percentage of ransomware attacks on healthcare.
Although some groups deliberately target healthcare, many ransomware gangs use "spray and pray" tactics and attack indiscriminately, so healthcare organizations are hit alongside every other industry sector. These attacks typically begin with indiscriminate phishing campaigns, attacks on Remote Desktop Protocol (RDP), or brute-force attacks that guess weak passwords.
It is important to remember that targeted organizations suffer disruption to both business operations and patient services. Data must be restored, and there is generally a leak of exposed Personal Health Information (PHI).
Compliance Perspective
Issue
During the holiday season, it is critical that nursing facilities take a proactive approach to cybersecurity. Historically, cyberattacks cluster around holidays and weekends, when bad actors take advantage of what may be a more relaxed security posture in nursing facilities. Nursing facility leaders and the Privacy Officer must work with their IT department to ensure that the sensitive data housed in their computer systems is protected. All staff with access to a facility's computer network should be trained on best practices for preventing data breaches and on what they must do to help prevent them. Additional information is available in the Med-Net Corporate Compliance and Ethics Manual, Chapter 6 Data Integrity.
Discussion Points
- Review facility policies and procedures on cybersecurity. Ensure that policies are kept current with best practices for preventing data breaches.
- Train all appropriate staff on best practices for preventing data breaches. Document that the training occurred and file the record in each employee's education file. Provide additional training as new information becomes available.
- Periodically audit to confirm that staff know and apply best practices for preventing data breaches.
For more information on this topic, view: Understanding and Preventing Ransomware, APTs, and Zero Day Exploit Attacks.