Healthcare is a Major Ransomware Target

Healthcare is the third-most-targeted sector, according to the report.

By Jeff Wardon, Jr., Assistant Editor


Black Kite released a report that highlights the disproportionate targeting of healthcare organizations by ransomware groups. Healthcare is the third-most-targeted sector. Physicians offices make up 25 percent of the attacks, with general medical and surgical hospitals follow closely behind with 25 and 22 percent, respectively.  

According to the report, the Change Healthcare cyberattack was a turning point in cybersecurity, prompting ransomware groups to adopt more aggressive tactics. Cyber criminals now prioritize ease of access and ransom potential over traditional ethical boundaries, putting small, resource-constrained healthcare businesses and larger organizations with greater ransom-paying ability at risk. 

Among those tactics is the practice of double extortion, where cybercriminals take not only systems offline and hold the data for ransom, but also steal the data and threaten to leak it to the public, Eroll Weiss, chief security officer at Health-ISAC, previously told Healthcare Facilities Today. It can also rise to triple extortion, where the cybercriminals utilize distributed denial of service (DDoS) attacks to take down an organization’s main website and keep it down until the victim pays.  

The stakes are high as ransomware attacks not only disrupt operations but also endanger patients' safety. With the level of quadruple extortion, patients themselves become the targets of cybercriminals according to Weiss. 

“So, they steal the data, and they know which patients are in the records they have access to,” says Weiss. “They may even have their e-mail addresses. Now, they go back to the patients and threaten to release their personal information unless that patient victim pays the attackers directly.” 

The report suggests proactive measures like monitoring vulnerabilities, vendor ecosystems and implementing strong cyber hygiene to protect healthcare organizations. Cybersecurity and Infrastructure Agency (CISA) has created the Known Exploited Vulnerability List, which determines the areas that are being exploited, what weaknesses exist and how cybercriminals are using these vulnerabilities to their advantage to attack.  

Additionally, backing up systems is a crucial measure to take to safeguard important data from being poached and rendered inaccessible following an attack. The backup strategy has to be immutable, Ben DeBow, founder and chief executive officer at Fortified, previously told Healthcare Facilities Today. Meaning, an organization’s strategy can’t be zeroed out and the data also can’t be overwritten, as a challenge with ransomware attacks is if the perpetrators are in the systems for an extended period, they can overwrite the data. If this were to happen, the healthcare organization will have no data to revert back to before the ransomware attack occurred. 

“One of the challenging things today to with organizations is they have an immense amount of data which adds to the complexity of how you protect all your data,” says DeBow. “I always focus and work with companies on protecting your most important data that runs the business.” 

Jeff Wardon, Jr., is the assistant editor for the facilities market. 



January 29, 2025


Topic Area: Information Technology , Security


Recent Posts

Facilities Market Introduces Facilities in Focus Podcast

The Facilities in Focus podcast is officially available on all streaming platforms.


New Cedar Hill Regional Medical Center GW Health Opening Date Announced

The new facility at the St. Elizabeth’s East campus will officially open in mid-April.


The Future of Healthcare Facilities: Three Trends

From workplace improvement to AI, JLL’s 2024 Global Future of Work survey reveals priorities for healthcare facilities teams.


Newly Completed UCHealth Green Valley Ranch Medical Center Wins Award

The facility won the Best New Medical Office Buildings and Other Outpatient Facilities (Less than 25,000 square feet) category in the 2024 HREI Insights Awards.


Inside Good Shepherd Rehabilitation Hospital's Modern Transformation

The newly transformed facility was designed to incorporate materials and spaces to benefit patient healing.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.