Doctor holding a stethoscope with medical symbols

COVID-era Cyberattacks Target Healthcare

Ransomware continue to rise, affecting industries most vulnerable to attacks.

Few industries have been affected by COVID-19 as much as the cybersecurity industry. We have seen an increase in the following areas of cyberattacks: data exfiltration, phishing emails, account takeover, malware downloads, application attack, and ransomware. However, the repercussions of the increase in ransomware and other cyberattacks during the pandemic has gone on to negatively impact government entities, especially the healthcare industry.

Ransomware Attacks Continues to Increase

Ransomware is when cybercriminals infect a network to then restrict access to a victim’s encrypted files while the cybercriminal demands to be paid for the victim to regain access to their files. Ransomware has increased around 148% since the pandemic started. Some of the largest ransomware attacks occurred in 2021, including the Colonial Pipeline, which paid $5 million, JBS Foods, which paid out $11 million, CAN Financial, which paid out $40 million, and Kaseya, which paid out $70 million in Bitcoin to resolve the issue.

Cybercrime is a very profitable industry and seems to be growing at an intense rate. There are many reasons to why cyberattacks are increasing.

The primary reason is business entities are switching to remote work assignments instead of staying on the internal network. Many people who work from home use a virtual private network (VPN) to connect to their company’s network, which causes a vulnerability to security.

Another factor is the switch from in-person shopping to online shopping. This goes for an industry that sells products or services online.

The breach of the Colonial Pipeline in 2021 was a huge threat as almost half of the East Coasts’ fuel was at risk. The ransomware attack occurred because of the vulnerability of a VPN. VPNs are the safest way to connect to your company’s network while working remote.

Although a VPN is the most secure, it should be updated and use multi-factor authentication. It is also important to note, using at home Wi-Fi versus public Wi-Fi is always a good idea.

Graphs of cyber attacker motivations, types of breaches, and number of breaches

Cybercriminals Turn to Healthcare

In late October of 2020, many of the University of Vermont healthcare staff working from home contacted the IT team to report that they had trouble accessing their network. When the team took a look into it, they found instructions on how to contact the cybercriminals.

The IT team decided to shut down their network to prevent any further damage. Appointments, surgeries, and treatments had to be cancelled, rescheduled, or referred to somewhere else because no systems were up and running. Staff could not see when appointments were, send out emails, or access electronic health records.

To resolve the ransomware attack, the IT team had to work overtime to find a way to get the network up and running without having to pay ransom. University of Vermont Medical Center did not pay the ransomware attackers, but they did lose around $50 million in revenue.

What makes the healthcare industry so attractive to cybercriminals is that it is vital to have hospitals and emergency rooms up and running for life or death situations.

The importance of the healthcare industry allows the attackers to take advantage of them by asking for higher payments. A lot of sensitive information is stored in these systems. Our healthcare industry cannot perform the necessary duties without the health systems they work on. During the pandemic, the need for these systems is at an all-time high due to the amount of hospitalizations caused by COVID-19.

Prevention Tips

Cybercriminals will continue to try to shut down networks to demand payment. The most important way to keep a ransomware attack from happening, is to invest in your IT department or make sure you have a cyber-security team that can help you prevent or mitigate ransomware attacks.

Assuming you will have a cyber-attack at some point puts you in a position that could save your business. Below are a few steps that can help you plan for a cyber-attack.

  1. Put a plan in place and have team members that know what they are doing if anything out of the ordinary comes up.
  2. Your network should have strong firewalls and anti-virus software should be consistently updated.
  3. A backup of important files on an offline computer can be a great way to restore necessary files quickly.
  4. Have your IT team do case scenarios to see if they can resolve the issue. Be diligent and train your employees on cyber security.
  5. Every employee, no matter what department they work in should have trainings on password and phishing education and audits to prevent opening the door to cyber-attacks.
  6. Off system daily or hourly storage of backup files.
  7. Have a strong emergency plan in place to mitigate and prevent a disaster.

2022 will be a year of continuation for cybercriminals to take over networks of important business entities. As cybercriminals learn new tactics to get around our defenses, we have to continue to evolve our cybersecurity strategies that we have in place. We have to outsmart cybercriminals, and the only way to do so is predicting that a breach can happen and having a set plan.

For more information on programs available to CSD Members at no-cost, visit csdpool.org/cyber.

The owner of this website has made a commitment to accessibility and inclusion, please report any problems that you encounter using the contact form on this website. This site uses the WP ADA Compliance Check plugin to enhance accessibility.