Healthcare and Ransomware | Torchlight Security

For the past several years, healthcare systems and hospitals have been high-profile victims of ransomware and other attacks. Find out what vectors for ransomware the healthcare sector faces.


Healthcare and Ransomware

For the past several years, healthcare systems and hospitals have been high-profile victims of ransomware and other attacks. The main reasons for this are three-fold: first, healthcare and hospitals are critical, and the uninterrupted flow of data through them can mean the difference between life or death. Second, there are high-value data (patient data, payment information, provider data, etc.) in hospital systems. And third, many smaller hospitals or healthcare systems do not have the ability to invest in high-tech cyber defense. Here are a few things that healthcare organizations should know about ransomware – its current trends, targets and tactics.

Typical Attack Vectors Hospitals Face

To remain vigilant against attackers, be aware of typical attack vectors that are used against healthcare institutions.

  • Phishing emails: A fraudulent email tricks a user into revealing sensitive information to the attacker.
  • User Click: A user clicks on a link or opens an attachment that contains malware and infects the system usually without the user’s knowledge.
  • Malvertising: Also known as “malicious advertising,” where a malicious code is injected through digital ads.
  • Phone calls: Victims receive threatening phone calls from attackers, and if they try to refuse to pay then the cybercriminals will claim that they know where you live and know how to contact your family.

High-Profile Healthcare Attacks:

Memorial Health System

Memorial Health System was compromised by a cyberattack in August of 2021. The IT department noticed irregularities in the data system causing failures, forcing the hospital to cancel surgeries and exams, and diverting ambulances elsewhere. The hospital system initiated emergency backup systems and modified processes. Memorial Staff turned to pencil and paper charts to offer continuous care for patients. Memorial Health System worked with the FBI and Homeland Security to resolve and fix the security breach.

Scripps Health

Scripps Health, another health system that experienced a cyberattack in May 2021, was forced to take a portion of its IT system offline. Like Memorial, this caused a disruption in patient care and required employees to revert to pencil and paper charts. It took several weeks to get the Scripps Health systems back online, and the hospital suffered as a result. The attack cost Scripps $112.7 Million from May to June, mostly in lost revenue. The largest impact of the shutdown was on the appointments and procedures that had to be postponed. To bring operations back to normal, Scripps had to rely on other medical organizations who offered similar services and took on a number of their appointments. Around 150,000 patients were also notified that the hackers acquired some patient data about them. Now Scripps is facing several class action lawsuits from patients who claim that the system’s leaders failed to take the necessary steps to protect their personal medical data from hackers.

How to Prepare for and Mitigate Ransomware Attacks

There are steps you can take to make sure your business is protected and can run continuously to serve your patients. The best option is to partner with a provider who knows the ins and outs of your business and can translate your cyber strategy into your business strategy. Torchlight can help you:

  • Properly secure all business networks with cybersecurity technology that patches all the holes in business systems. Adopt the zero-trust methodology.
  • Keep antivirus systems current to keep up with constantly evolving attack vectors.
  • Beef up your email security, an essential part of malware The Torchlight Ransomware Defense Architecture (RDA platform) can help protect against ransomware attacks.
  • Train staff on how to recognize potential threats and what to do if a security breach is made. Have a backup plan in place so that your organization is prepared and can continue operations as much as possible.
  • Keep backup systems separate from primary systems. Isolating backups will help businesses to ensure their backups remain secure.

How can TorchLight help?

Contact us to learn what your system’s vulnerabilities might be and what you can do to protect them.