HOSPITALS
In addition , the FIN12 cybercriminal group deploying Ryuk ransomware was responsible for around 20 % of all ransomware intrusions responded to by Mandiant2 in the past 12 months , with the healthcare sector being “ disproportionately impacted ”. According to a new study , 81 % of UK healthcare organisations suffered a ransomware attack in the past year , with 64 % saying they had to cancel face-to-face appointments because of an attack , while 65 % believe that a cyberattack on their systems could lead to a loss of life . Worryingly , in the third quarter of 2021 there was a 30 % increase in attacks on the healthcare sector , compared to the previous three-month period .
Against this threat landscape , healthcare organisations are especially vulnerable as there are many potential entry points for attacks . These include :
• Old , unpatched systems ( the entry point for the WannaCry attack ) and poorly configured cloud storage
• Remote workers vulnerable to identity theft , and firewall configurations that have been relaxed for staff working from home
• External facing services ( such as a VPN ) through which organisations allow connections to remote devices
What can be done to guard healthcare organisations against cyber attacks ? If they find they are unable to commit as much resource as needed to defend against cybercrime , NHS trusts and other healthcare organisations are advised to consider outsourcing a managed security service provider ( MSSP ).
A reputable MSSP can provide 24 / 7 security from full-time experts at a lower cost than in-house resources , providing a much faster threat response . But MSSPs offering services to healthcare organisations have to be able to create a bespoke security system that responds to the healthcare workflow and prioritises patient care . Reducing the vulnerability of healthcare organisations to cyber-attacks must take a multi-angled approach , with the basics including :
1 . Carry out staff awareness training on phishing , malicious email and social engineering
28 February 2022