The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) released a warning to hospitals and the healthcare industry about a significant increase in ransomware attacks targeting the sector. Important Note: This article focuses on ransomware attacks in healthcare, but EVERY industry has a significant risk of attacks by cybercriminals and ransomware!
The people behind these attacks aren't the lone actors we sometimes envision sitting in a dark basement plotting against the world.
Cybercriminal rings are organized businesses with financial backing and resources. Their goal is to scale their processes to get as much cash as possible from unsuspecting organizations that fall victim to their ransomware. They heavily invest in the latest malware variants and employ professional teams whose SOLE PURPOSE is to trick you or your team member into clicking a link in an email or downloading a file.
These hacking organizations are heartless. They are out to get you. They’re targeting hospitals and the healthcare industry at this critical time during a global pandemic because they know that people are tired and stressed and are much more likely to be tricked by a malicious email phishing attack.
I hear stories about healthcare organizations within the St. Louis area losing tens of thousands of dollars due to a ransomware attack. It makes me furious that hackers and cybercriminals are targeting organizations that are trying to HELP SICK PEOPLE! There's no other way to describe these vile people besides greedy and malicious.
Yet, so many people are unaware of the threat lurking in their email inbox. The most talented criminals and villains make it seem like they're not real threats. They wear a friendly mask and hide amongst the emails from our coworkers, our favorite restaurants, and our messages for everyday work.
Right now, I am sure your email inbox is flooded with obvious SPAM messages that most people can easily identify. These are the work of low-grade cybercriminal rings, not the same sophisticated organizations behind the most recent ransomware attacks. The advanced hackers have invested heavily in malware variants and psychological tactics to trick you and your employees. And, their investment has paid off.
The rapidly growing ransomware market is evidence of how lucrative these attacks are:
- The individual ransom of 1,400 clinics, hospitals, and other healthcare organizations varied from $1,600 to $14 million per attack.
- People are increasingly paying the ransoms after ransomware infection (CyberEdge report):
  - 2018 – 39% paid the ransom
  - 2019 – 45% paid the ransom
  - 2020 – 58% paid the ransom
Healthcare isn’t the only industry being targeted. Every business is at risk! These cybercriminals plot and scheme every possible way to steal money from businesses like yours that are trying to make an honest living. Now is the time to rally your team and embrace a call to arms to protect your organization and your business's purpose and mission.
Complacency is the commonality that cybercriminals are counting on when strategizing the best way to attack your business and steal your money. You can't afford to rely on hope as a strategy to keep your business protected!
Thankfully, there's an army of "good guys" working diligently to help keep your business protected. The same next-generation antivirus, email SPAM filtering solutions, and cutting-edge cybersecurity protections used by large enterprises are now available for small and medium businesses.
In addition to technology solutions to keep your business protected, every member of your team is a critical part of your overall ransomware protection strategy. A single click on a link in a malicious email can circumvent ALL the security protections in place. So, training and testing every member of your team is critical.