Hacking healthcare data: the next wave
Ransomware continues to threaten data security in health systems. Deploying ransomware, organized cybercriminals such as the recently surfaced Industrial Spy get access to your servers, delete your backups, encrypt all your files, steal your data, and demand payment to restore your data.
Healthcare vs. ransomware
The cybersecurity firm Sophos issued a report, The State of Ransomware in Healthcare 2022, presenting statistics about attacks on health systems.
Among the highlights:
- 66% of healthcare organizations surveyed were hit by ransomware in 2021, up from 34% in 2020.
- 61% of the attacks on healthcare sites in 2021 resulted in data encryption.
- The healthcare sector saw the highest increase in volume (69%) and perceived complexity (67%) of cyberattacks and the second-highest increase in the impact (59%) of such attacks.
- Healthcare is most likely to pay ransoms – at a 61% rate. Although the ransom amounts were the lowest across all sectors, with $197,000 being the average, healthcare ranked second highest at $1.85 million in terms of the average cost to remediate ransomware attacks, compared with the global average of $1.4 million.
- Even when healthcare organizations pay ransoms, on average they get only 65% of their encrypted data back.
Sophos advises healthcare organizations to harden their environment by searching for and closing down security gaps such as unpatched devices, unprotected machines, and open RDP ports, and to practice making backups and restoring from them.
Healthcare vs. smartphone hackers
Even if your organization is doing all the right things to protect websites and access to servers, your secure messaging platform may still be vulnerable. If you have a “bring your own device” policy, clinicians’ smartphones may be at risk for “smishing”—text messages with malware such as Medusa, which pretend to be from companies or brands the user trusts. Once a phone is infected, the malware will try to spread to other users. Ruses include texts about tracking UPS deliveries, claiming a prize or a refund, or information about a delivery to an Amazon Hub locker.
The power of blockchain
Blockchain can be used by health systems to help protect secure messaging platforms from ransomware attacks. There are several factors that make a platform using blockchain more secure against ransomware. For one, the decentralized nature of blockchain helps protect data from being held for ransom by hackers. Another is blockchain’s immutable nature; once information is written into a blockchain, no one, not even a system administrator, can alter it.
Diagnotes partnered with Kaleido, a ConsenSys Enterprise Business, to provide the only secure text messaging platform in healthcare protected by blockchain. With blockchain built in, Diagnotes goes beyond HIPAA compliance to offer exceptional data integrity for communications. The technology works in the background without users even noticing – no additional hardware, steps, or clicks.
Diagnotes is a messaging platform for health systems that goes beyond secure texting. Our mobile platform accelerates clinical communication and gives your care teams the power to collaborate seamlessly in real time. Health systems using Diagnotes optimize their efficiency, while increasing clinician and patient satisfaction.