Healthcare Cybercrime Has Thrived

The Health and Human Services (HHS) Office for Civil Rights’ monthly report for October doesn’t paint a pretty picture of cybercrime in 2019. What has already been a landmark year for cybercriminals operating in the healthcare industry is set to close with a bang:

  • October saw a 44% increase in cybercrime attacks on healthcare organizations when compared to September
  • 52 breaches occurred in October alone
  • 38 million healthcare records have been breached in 2019 so far

This all goes to show why proper cybersecurity practices – including incident response – are so important for healthcare organizations. Without the right processes in place, how can you expect to respond effectively to attack by cybercriminals, and protect your patients’ data?

What Cybercrime Strategies Will Incident Response Help You Deal With?

The three biggest cybercrime events listed in the HHS monthly report are based on two different types of cybercrime attacks:

Ransomware is a type of malware that encrypts the target’s data (making it unreadable and inaccessible) and holds it for ransom. It targets all data on the target’s systems, making it impossible for them to ignore until they pay the ransom, or wipe the data.

Ransomware is a growing problem for healthcare organizations of all sizes – in fact, almost half of all ransomware incidents reported last year targeted healthcare companies. In October 2019, ransomware exposed 152,000 patients’ records at Betty Jean Kerr People’s Health Centers.

Phishing is a method in which cybercriminals send fraudulent emails that appear to be from reputable sources in order to get recipients to reveal sensitive information and execute significant financial transfers.

According to the HHS report, two of the month’s biggest breaches were due to phishing:

  • Kalispell Regional Healthcare, 140,209 records breached
  • Methodist Hospitals, 68,039 records breached

Do You Have A Viable Incident Response Strategy?

If you think you may have been the victim of ransomware, phishing, or another type of cybercrime, your first step is to get in touch with your IT support immediately. If you haven’t already, don’t hesitate to hire professional cybersecurity experts. Hardening your systems against attacks and thereby making yourself a harder target for cybercriminals is absolutely critical.

Beyond that, make sure to follow these three steps:

  1. Isolate The Damage
    Your first move when an attack occurs is to isolate the computer from the network to prevent further access. Remove the network cable from the tower or laptop and turn off your networking functions (the Wi-Fi settings). Do this manually even if you have security software that claims to shut down the connection for you.
  2. Power Down
    You also need to shut down your computer to prevent damage to your hard drive. Ideally, your anti-virus and anti-spyware will prevent the attacker from getting that far, but you still need to remove it from the computer to protect it fully.
  3. Control Access
    Resetting your passwords is also critical. You should be sure to create entirely new passwords and avoid re-using them at any point. Don’t forget to check any accounts linked to your computer, including social media profiles, email accounts, online banking, and any other potential targets.

BlueHat Cyber can help – we offer incident response services that manage the plans, procedures, and guidelines in the handling of data breach events at your office(s), or via any of our servers or mobile devices.

The incident response plan encompasses procedures on incident response engagement and how the incident response team will communicate with the rest of the organization, with other organizations, with law enforcement and provides guidance on federal and local reporting notifications processes.

This plan is necessary to clarify the roles and responsibilities of your employees so you can quickly mitigate risks, reduce the organization’s attack surface, contain and remediate an attack, and minimize overall potential losses.

If you want to protect your healthcare organization from cybercrime, you have to consider what would happen if you were breached by cybercriminals. You need an incident response plan.

Like this article? Check out the following blogs to learn more:

Invest in Valuable Technology for Quality Profitable Work by Your Sales Team

SIEM -Security Information and Event Management

Microsoft Ending Support On Key Products

Not Sure Where To Start?