Prospect Medical Holdings, which operates 16 hospitals and over 165 clinics and outpatient centers in Connecticut, Pennsylvania, Rhode Island, and Southern California, is shutting down its clinical operation services and taking its IT systems offline due to ransomware, forcing clinicians to revert to paper processes.
The company said in a statement, “Upon learning of this, we took our systems offline to protect them and launched an investigation with the help of third-party cybersecurity specialists,” “While our investigation continues, we are focused on addressing the pressing needs of our patients as we work diligently to return to normal operations as quickly as possible.”
Ransomware software encrypts your data or stops you from accessing your systems. The criminals then demand a ransom in exchange for the decryption key.
Last month Hospital Corporation of America suffered a breach affecting 11 million records, and security experts recommend not paying the ransom since it does not guarantee that you will get back the system access.
In a recent ransomware research report from Barracuda, ransomware attacks on healthcare increased from 12% to 18% in 2023.
The report highlights that attackers typically use email and web applications as starting points for ransomware by sending fake email messages that ask for your user credentials. Once attackers compromise the credential, they quickly use it as a launchpad for ransomware attacks, moving laterally inside the organization and avoiding detection.
Another interesting highlight from the report is that 77% of organizations with cyber insurance experienced a successful ransomware attack, while only 65% of organizations without cyber insurance did.
Here is what healthcare technology leaders should do next.
Are You Prepared?
Organizations usually don’t practice downtime procedures, such as reverting to using paper. Clinicians and users are all used to operating in the electronic world, but how will organizations continue practicing patient care in the paper world?
Many healthcare organizations do not have paper forms available quickly in case of downtime. Consider your downtime procedures, especially if it involves returning to the paper route.
Backup
Back up your system and other essential files frequently and verify those backups. If ransomware infects your computer, you can use your backups to restore your system to its previous state. The key is backing up systems while testing and regularly restoring them as a practice.
Organization Reminders
Remind your organization to open email attachments cautiously. Approach email attachments with caution, even if they come from familiar senders. Confirm the identity of email senders. If you doubt an email’s authenticity, contact the sender directly and refrain from clicking on any links in the email.
Multifactor Authentication Is Not An Option
Experts recommend implementing multifactor authentication (MFA) as a best practice, and every organization should adopt it as a non-negotiable standard. Organizations should consider using MFA for all applications, whether employees access the systems on the organization’s network or remotely. Recently, attackers have been finding ways to bypass MFA, so another layer of protection may be required.
In conclusion, protecting healthcare organizations from ransomware attacks is like providing safe patient care. Healthcare technology leaders must work on keeping major cybersecurity incidents from occurring regularly.
Read the full article here