HealthcareInfoSecurity reported on several recent ransomware attacks across different states and practices within the health care sector. The publication turned to privacy, cybersecurity and data strategy counsel Jason G. Weiss to provide insight on ransomware attacks in the health care sector.
In the article, “In Healthcare, Ransomware Hitting Diverse Targets,” Weiss explained why he predicts that the ransomware problem will get worse long before it gets better.
“Ransomware gangs are making millions of dollars exploiting these types of cyberattacks against unprepared victims. Healthcare entities are clearly the main target of these attacks because their data is not only critical, and therefore valuable, but healthcare facilities deal with life-and-death matters every day, and they have to do everything they can to get their systems back up or patients could literally die. Unless and until healthcare facilities can harden their networks, train their employees and prevent these attacks from starting, they are only going to continue to get worse,” said Weiss.
Weiss also described a two-pronged defensive strategy he suggests health care systems adopt.
“First, harden your IT and operational technology networks before the cyberthreat actors find a weakness and exploit it,” Weiss shared. Second, he suggested that health care entities conduct employee awareness training.
“It is critical they learn how to identify and defeat social engineering attacks designed to get these employees to inadvertently introduce malware from phishing emails and other cyberattacks into the victim network. Vigilance is the key to defense,” Weiss noted.