A recent article in SC Magazine highlighted an increase in ransomware threats targeting healthcare organizations. In light of a resurgence of COVID-19 cases and hospitalizations, it’s not surprising that attacker activity on healthcare organizations has intensified.
Recent Ransomware Attacks on Healthcare Organizations
The article highlighted recent attacks on two Midwestern healthcare providers. One of the providers has been operating on electronic health record downtime procedures since the attack happened on August 15th. As a result of the attack, the provider was forced to divert emergency care and cancel surgeries across three hospitals.The other provider also experienced disruption and had to shut down its electronic health record system and network. It also appears that in this case there may also have been data stolen related to its Health Foundation.
In addition to the issues at these two providers, the article highlighted three other recent breaches at large providers based on data from the Department of Health and Human Services breach reporting tool.
The healthcare industry has been and will continue to be an attractive target for attackers. As we have seen with other industries, the pace of attacks will ebb and flow as attackers look to take advantage of “event-driven” opportunities.
Unfortunately, while there is no silver bullet to protect against ransomware attacks there are steps healthcare providers can do to mitigate the risk. First, healthcare organizations should expand their use of cyber intelligence. This includes using cyber intelligence from commercial sources, open source, industry sources like H-ISAC, and government sources. By using multi-source cyber intelligence, health care organizations gain greater visibility into the threat environment. Second, while expanding the use of cyber intelligence has benefits, it’s even more critical that healthcare organizations deploy cyber intelligence in order to protect themselves from cyber attacks. Visibility is great but protection is better. Finally, healthcare organizations need to use security automation to help scale their security efforts. Batting cyber threats is a volume game and the only way to scale cyber defenses in light of the high volume of threats and a continued shortage of security resources is to use automation.
Reasons Healthcare Organizations use the ThreatBlockr Platform
At ThreatBlockr, we’re proud that the healthcare industry represents one of our top verticals. Healthcare providers of all shapes and sizes use our platform as one of their critical layers of cyber protection. There are several key reasons why healthcare organizations use the ThreatBlockr platform including:
- “Out of the box” access to tens of millions of cyber intelligence indicators from best-in-class sources, including leading commercial threat intelligence providers like DomainTools and Webroot, open source, and government sources.
- The ability to easily integrate cyber intelligence from any source using over 50 connectors and “out of the box” integrations. This includes the ability to easily integrate healthcare industry cyber intelligence from H-ISAC.
- The ability to block up to 150 million threat indicators in real time. ThreatBlockr can block using third-party cyber intelligence at a scale that far exceeds the capabilities of any next-generation firewall. As an added bonus, our platform also makes your firewall better!
- Our platform is simple to deploy and use. We make it easy for healthcare organizations to acquire and deploy cyber intelligence without the need for extensive resources.
- The highly automated nature of our platform allows healthcare organizations to scale up their security efforts without adding significant resources.
For more information on how ThreatBlockr can help your healthcare organization to use cyber intelligence to improve your ability to defend against ransomware and other threats, check out our Healthcare Industry Data Sheet. If you want to see our platform in action, feel free to Schedule a Demo.