As a direct result of the Covid-19 pandemic, the global healthcare industry has grown in size. Consumers are on the lookout for safe ways to access healthcare. However, this has made the booming industry a target for cybercriminals. Sophos, a cybersecurity firm, states in a report that cybercriminals are actively targeting the healthcare sector for their own gain. The report, “The State of Ransomware in Healthcare 2022”, reveals a 94 percent increase in ransomware attacks on the organizations surveyed in this sector in 2021.
In 2021 alone, 66 percent of healthcare organizations were hit by ransomware attacks. The percentage was much lower in 2020, at only 34 percent. However, there is good news, according to Sophos: healthcare organizations are becoming better at dealing with the aftermath of ransomware attacks. Over 99 percent of the targeted healthcare organizations were able to get at least some of their data back after cybercriminals encrypted it during the attacks.
Healthcare organizations are now turning to cyber insurance. At least 78 percent of healthcare organizations want it. However, 93 percent of these organizations report that they found it hard to get policy coverage last year.
John Shier, a senior security expert at Sophos, claims that ransomware in the healthcare space is more nuanced in terms of both protection and recovery. Healthcare organization data is particularly sensitive, which is what draws the attackers in the first place. “On top of that, the typical two-factor authentication and zero trust defense tactics aren’t always feasible. Healthcare professionals need access to this data, and if these security measures are implemented, it makes the data inaccessible, not widespread and inefficient.”
Shier is of the opinion that healthcare organizations need to strengthen their anti-ransomware defenses by combining security technology with human-led threat detection to defend against today’s advanced cyber attackers.
Sophos recommends the following best practices for staying safe and secure:
- Install, maintain and review security controls regularly. Ensure they meet the organization’s demands.
- Proactively look out for key security gaps and close them immediately.
- Make backups, and practice restoring from them, so that when an incident actually occurs, data can be brought back without disruption.
- Prepare for the worst.