Daniel Reardon on Cybersecurity and Health Care Industry

This is another great article from Lifars – posted February 3, 2017

Click here to read the full interview of Danial Reardon

Here is a snippet:

LIFARS: Could you tell us about overall risk in the face of ransomware attacks in healthcare industry?

Daniel: The overall risks to the healthcare industry regarding ransomware attacks are very high and they will continue to increase in 2017. While most industries have experienced their issues combating ransomware, the healthcare industry is being targeted more and more and with even greater precision.  Why is this?

The healthcare industry and healthcare data affects human lives, and these organizations are in the business of doing whatever they can to help and protect human life.    This makes healthcare data (PHI) absolutely mission critical to the nature of their business.  These healthcare organizations must operate under HIPAA compliance to satisfy the healthcare data requirements.

I believe the increased risk from ransomware is because the secret is out that hospitals and healthcare organizations have been paying ransoms to get their encrypted data or systems back online.  Healthcare organizations are submitting to these criminals, and are taking no chances at losing patient data, potential lawsuits, or even worse, putting human lives at risk.

There are examples out there where healthcare organizations have paid tens of thousands in ransom to get patient data back.   Cyber criminals are aware of these payments, and they are using ransomware as their weapon to expose this policy weakness.

While healthcare organizations should primarily focus on preventing ransomware from getting on their networks in the first place, some organizations are paying the ransom because it is the quickest way to get their data back and or/a system back online.  Delta Risk has had clients seek our advice on whether they should pay a ransom if they are impacted.  While we advise highly not to pay a ransom, there are clients considering it as part of a contingency plan if such a problem where to occur on a mission critical system.

Paying ransoms has really created momentum in the ransomware risks to a healthcare organization. Paying a ransom doesn’t guarantee you will be able to even get the data back, and it will also put a bigger bullseye on the organization’s back as the criminals begin to target any paying organization more aggressively.

Another factor I believe attributed to the increase in ransomware attacks is the cryptocurrency bitcoin.  Bitcoin has been a boon for criminals looking to make a quick buck, and it compliments ransomware extremely well.  Bitcoin is a means for these criminals to blackmail healthcare organizations without much trace to the financial transaction.  It has gotten easier to setup a bitcoin account, and to link a bitcoin account to the malware so that a ransom can distributed easily and anonymously.  Bitcoin has perpetuated the spreading of ransomware with criminal intent for financial gain.

As more healthcare devices get integrated online, these devices will continue to expose healthcare organizations to more risks as their digital footprint expands. As the old adage goes, “There is no honor amongst thieves”, so I foresee the ransomware threat to healthcare industry to continue to develop and in a more tactical manner, without any mercy.  Spearheaded ransomware that targets entire business functions or operational systems that are mission critical will continue to disrupt healthcare organizations.  As long as the potential for profit is greater than the likelihood of getting caught, healthcare organizations will to continue to be a criminal’s primary target.