Cyberattacks on healthcare providers have gone up 71% since 2021, according to Forbes. Recently, in Fairfield California A ransomware group known as HIVE is claiming to have stolen private data from a specific managed network. The group is claiming to have stolen data that includes about 850,000 unique records of names, social security numbers, date-of-birth, etc. This is the fourth attack that has happened this year. Not great news.

Before we dig too deep into these specific attacks, let’s take a step back and understand what ransomware is. The whole point of ransomware is to encrypt your files. Once your files are encrypted, you can’t read them anymore unless you have an encryption key. (An encryption key is a long string of characters).

A Short History on Ransomware Attacks

In the past, cyber criminals would launch an attack that was encryption only where a company couldn’t access their data without paying a ransom for a decryption key. Once the company paid, they could access the data again and all was good. The premise from an IT standpoint at this time was to prepare companies with everything they needed to block an attack, but also make sure they had very good backups. These included local backups and offsite backups. The purpose of this approach was to make sure a company could get back online as quickly as possible after an attack.

Things have changed. The hackers are now not only encrypting the files with the data, but they’re also collecting the data. And that is an important nefarious distinction because even if you have backups, or if you don’t pay the ransom, they threaten to release your data. In terms of the healthcare industry, that is a huge HIPAA violation and leads to significant fines.

HIPAA Compliant Tech

Ransomware attacks are much more efficient when they hit an old server. As data migrates to the cloud, it becomes much more difficult to replicate. If a company has all their data on a centralized server, then all a hacker needs to do is attack one user who has access to the server. Once they have access via this one user, the hacker can encrypt everything on the server and now no one can access anything on the server as the hacker spreads throughout the network.

Because of the new post-pandemic distributed workforce movement, cybercrimes have shifted to individual workstations. For healthcare, these workstations could include remote workers who work in patient homes for sessions and connect (unknowingly) to an unsecured network. This means that the protection needs to follow the device. To remain HIPAA compliant, healthcare providers need to ensure every device is fully patched, encrypted, and up-to-date on antivirus protection.

Protect Your Healthcare Company

As a healthcare provider, what can you do? Fortunately, there is newer technology called XDR that will attempt to block any communication back to a ransomware server. Guardian Computer has recently partnered with Cynet to offer this new advanced layered security protection to our clients.

This partnership will allow Guardian to offer our healthcare clients the most advanced and robust Autonomous Breach Protection with a full stack security suite for improved protection, detection, and remediation.

This full stack service was developed for businesses who are concerned with traditional virus protection and are looking for a solution to shop the increased number of threats. If you’re interested in learning more about this service, give us a call at 504-457-0005 to learn more.