A report by Corvus indicated a 350% increase in ransomware attacks on healthcare companies in Q4 of 2019 compared to Q4 of 2018. The latter part of 2019 was filled with reports of ransomware attacks on a variety of IT vendors that work with many healthcare organizations, such as hospitals and health systems, as reported by XTelligent Healthcare Media. These attacks carried into 2020, with 4 healthcare organizations reporting ransomware attacks in January alone.
Corvus data scientists examined the ransomware reports and concluded that the three biggest factors affecting security are attack surface, email security, and hosting/server setup.
Most healthcare organizations have a smaller-than-average attack surface (open ports), which makes it easier to protect. Keeping a healthcare organization’s open ports and exposure to a minimum is a good way to defend against potential ransomware attacks.
While healthcare organizations use more email scanning and filtering tools than average, about 75% of healthcare organizations fail to use these tools at all on their email platforms. Health practitioners, such as dentists and physicians, are 14% less likely, on average, to use a simple form of email authentication. These tools are meant to protect employees’ inboxes from receiving suspicious emails that are potentially dangerous to the organization.
The data scientists from Corvus wrote, “These services are associated with a 33% reduction in the likelihood of a ransomware attack. All healthcare entities should strongly consider such services to help prevent phishing.”
Hosting and Server Setup
The Corvus data scientists found that hospitals are 6 times more likely to use internal hosting rather than a third-party hosting provider. This allows hospitals to keep security measures in their own hands, rather than with a third-party vendor, ensuring their organization’s security.
A report by Comparitech shows that in 2016 there were over $157 million worth of ransomware attacks on US healthcare organizations. The 2017 NotPetya and WannaCry attacks heightened the anxiety over ransomware attacks, especially on healthcare organizations. Corvus data scientists also reported a 75% increase in attacks from the first half of 2019 to the second.
Although January of 2020 showed an alarming continuation of the increase in attacks, the curve has since flattened. Corvus speculates that the potential reduction in ransomware attacks is a result of lockdowns due to COVID-19. Although the attacks have decreased since the beginning of the pandemic, it is important for healthcare executives to evaluate the protection of their organization’s IT infrastructure. With 91% of attacks stemming from phishing emails, email security should be a top priority.