Security breach concept - internet cyber-attack alert with red broken padlock icon showing unsecured data

Businesses & Healthcare facing increased risk of sophisticated cyberattacks

The number of ransomware attacks has grown significantly.....

The computer systems at Universal Health Services, which runs approximately 400 hospitals and care centres across the United States and the United Kingdom, recently experienced a massive ransomware attack, making it one of the largest medical cyberattacks in US history. 

The number of ransomware attacks has grown significantly over the past few months, as cybercriminals look to cash in on security vulnerabilities emerging as a result of increased remote work practices. 

The golden age of ransomware attacks 
In early April, near the start of the global pandemic, INTERPOL warned that it had detected a significant increase in ransomware attacks against hospitals and medical services engaged in the virus response. 
The following month, Fresenius, Europe’s largest private hospital operator that employs nearly 300,000 people across more than 100 countries, was hit with a ransomware attack on its technology systems. Hackers reportedly utilized the Snake ransomware to attack Fresenius. In September, police in Germany launched a homicide investigation after the death of a woman who was transferred to another hospital following a ransomware attack. 
Meanwhile, the World Health Organization (WHO) revealed that it was experiencing double the usual number of cyberattacks against its systems, including hackers running malicious sites impersonating the WHO’s internal email system. 
Ransomware is a type of malicious software that spreads across computer networks, encrypting files and demanding payment for a key to decrypt them. It’s become a common tactic for hackers, though attacks of this scale against medical facilities aren’t common. 
“Not only has the number of ransomware attacks increased, but ransomware itself has evolved, with some of the most popular forms disappearing and new forms emerging. In some cases, these are even more disruptive and damaging,” says Juta Gurinaviciute, Chief Technology Officer at NordVPN Teams. 

Putting patients’ safety at risk 

A computer virus could put people in serious danger if the target is a healthcare facility. Experts say old machines and outdated software at hospitals have contributed to the spread of ransomware. If the situation doesn’t improve, it could put patients’ safety into further jeopardy. 
“The consequences can be grave. If an attack happens in the middle of a surgery, whatever machines are being used could go down, forcing medical staff to fall back on manual methods,” comments the NordVPN Teams expert. ‘“MRI machines, ventilators, and some types of microscopes — are computers too. Just like our laptops, those computers come with software that the developers have to support. When the machines become old and outdated, the people who made them might stop supporting them. That means that old software can become vulnerable to attacks.” 
In many cases, hackers threaten to leak the data they’ve stolen if the victim doesn’t pay a ransom — something that might strike fear and pressure victims to give into the extortion demands. 
Patient records can sell for up to $1,000 on the black market due to the amount of information found in the documents, including date of birth, credit card information, Social Security number, address and email. Social Security numbers can be purchased for as little as $1, and credit card information sells for up to $110. 
Therefore, there should be a two-pronged approach — one that allows the organization to protect everything and also achieve HIPAA compliance. Attacks don’t just expose data, but also open the organization up to HIPAA and GDPR violations and fines, according to a global research and advisory firm Gartner. 
As governments around the world attempt to address the public health crisis and contain the spread of COVID-19, there’s a big chance that criminals will continue to exploit this chaos, triggering subsequent spikes in cyberattacks against healthcare institutions. According to Ms. Gurinaviciute, healthcare organizations, especially those that run outdated technology, should expect these kinds of attacks to continue happening around the globe.  

7 steps to protect organization’s data 
Cybersecurity doesn’t concern large hospitals or medical institutions exclusively, and general precautions should be taken in the medical industry regardless of institution size. NordVPN Teams experts suggest starting with the following: 

  1. Updates. Ensuring security patches are applied as soon as possible helps prevent hackers from exploiting known vulnerabilities that help them gain a foothold in the network. 
  2. Multi-factor authentication. Multi-factor authentication across the ecosystem can prevent hackers from moving across the network and gaining additional controls. 
  3. Regular backups. Organizations should also regularly back up their systems, as well as test those backups on a regular basis as part of a recovery plan. If the worst happens and ransomware does infiltrate the network, there’s a known method of restoring it without the need to pay ransom to cybercriminals. 
  4. Audits. Hospitals should conduct regular audits of their machines and segment their networks, so if one piece of the network is compromised, it doesn’t spread throughout the entire system. 
  5. Remote access. Only secure virtual private network (VPN) connectivity should be allowed for remote access. In addition, only whitelisted IP addresses or device IDs should be allowed to access systems, as this will allow access to authorized users only. 
  6. Treat every email with zero trust. Because of the remote work environment, the amount of information exchanged over the internet through virtual conferences and emails has skyrocketed. Establish a process that enables employees to report anything suspicious, and share regular updates and information about phishing emails. 
  7. Security training. General security policies need to be drawn up and implemented, and staff have to be appropriately trained ad-hoc, whether remotely or in person. 

For more information visit: 

For more Technology Business news follow i-invest Online

Other stories you may like

  • Exclusive Investor Proposition: London Tech Week 2024
    London is Europe’s biggest tech start up hub, with entrepreneurs creating new business across every field of tech. For investors looking to connect with the best and the brightest, there’s no better place than London Tech Week. For 2024 we’ve created a new range of features…
  • Blockchain Technology: Revolutionising Trust and Data Management
    Blockchain technology has emerged as a groundbreaking innovation, transforming various industries beyond its initial association with cryptocurrencies. In this article, we delve into the fundamentals of blockchain, its applications, and why it matters. What Is a Blockchain? At its core, a blockchain is a decentralised, distributed ledger shared among…
  • FastWave Medical’s Cutting-Edge IVL Technology: A Leap Forward in Cardiovascular Care
    FastWave Medical, a clinical-stage medical device company, has recently achieved a significant milestone by securing its third utility patent for their innovative intravascular lithotripsy (IVL) technology. This patent, granted by the United States Patent and Trademark Office (USPTO), underscores FastWave’s commitment to advancing cardiovascular care and improving patient…
  • The Rise of Smart Video Doorbells
    Smart video doorbells have become an essential part of modern home security systems. These devices allow you to see and communicate with visitors at your doorstep, even when you’re not at home. In this article, we’ll compare four popular smart video doorbells: the Arlo Video…
  • Nanotechnology in Drug Delivery
    In our data-driven era, where information flows ceaselessly, a silent revolution is unfolding at the tiniest scale: nanotechnology drug delivery. Imagine manipulating materials at the nanometer level—so small that a billion of them fit within a meter. This is where science fiction meets reality, and the…