
Why is the healthcare industry so vulnerable to ransomware?

Hospitals and other healthcare institutions must invest in cutting-edge backup solutions to protect themselves and their patients’ data


The threat of ransomware has swelled in recent years, with the indiscriminate WannaCry attack five years ago perhaps the first major incident to ring alarm bells in the eyes of the public after it crippled the NHS. Indeed, while all sectors are vulnerable to ransomware – and can be targeted at any time – the health sector is especially susceptible. Attacks, too, must be headed off with more urgency. This isn’t just because healthcare, like much of the public sector, is lumbered with legacy IT and outdated processes, but because the consequences of an attack might be particularly devastating for patients.

Ireland’s Health Service Executive (HSE), for example, was hit by a ransomware attack last May and was still in the process of recovering as late as September. The NHS, meanwhile, suffered losses of £92 million following the WannaCry attack. Healthcare services across the world have, since 2017, sought to rectify the issues that render them so vulnerable, seeking out systems developed by vendors like Wasabi to patch manifold issues including outdated infrastructure and insufficient backup provision. Despite these efforts, the health sector remains very much at risk.

Cause and effect

While it’s valid to question why healthcare is particularly vulnerable, it’s also worth pondering why ransomware gangs so frequently target institutions like hospitals. “Hackers are in the business of extorting as much money as possible by hitting organisations where they can inflict as much pain as possible,” says VP analyst for security and risk management at Gartner, Katell Thielemann. “When it comes to hospitals, particularly in the middle of a pandemic, they cannot take care of patients without technology, and they have been very responsive to ransomware demands, which just incentivises hackers to strike more.”

Beyond a compulsion to pay in order to restore services and prevent patient harm, the sector also houses a goldmine of data, including personal details and financial information. All these factors, combined with the stresses created by COVID-19, have unsurprisingly led to incidents rising in astonishing fashion.

The sector, too, suffers from a number of unique challenges, many of which centre around the growing volume of data held by healthcare services. “Their architecture is typically very complex,” continues Thielemann, adding that “the operational environment is very fluid with crisis after crisis and people coming and going around the clock”.

Beyond personal patient details, organisations host clinical information such as reports, scans, and genomic data. Much of this is also stored in on-premises infrastructure, as opposed to a streamlined, secure and accessible cloud-based platform.

With digital transformation on the agenda for many sectors, including healthcare, the transition of data from local, on-premises storage to the digital sphere over the last few years has also expanded the attack surface. The use of Internet of Things (IoT) devices in medical contexts, moreover, has inevitably opened more gateways into the sector. As Thielemann puts it: “They are full of all kinds of connected medical equipment that create a cyber-physical continuum of threats.”

The lack of modernised and state-of-the-art backup facilities is yet another thorn in the side of healthcare. Deemed the last line of defence against ransomware, backup systems ensure organisations minimise downtime and recover from attacks as quickly as possible. Multiple backups are preferable, as is ensuring geographical separation between backup copies, enabled through cloud storage, in keeping with the ‘3-2-1’ rule.

Getting your backup strategy right, however, demands precision, given that opting for a cloud solution doesn’t eliminate risk in and of itself. These systems may still leave organisations vulnerable through misconfigured buckets, exposed remote desktop services and viruses that can slip into a network and inadvertently get uploaded to the cloud as part of a backup process.

The golden copy

For healthcare organisations seeking to raise their resilience against ransomware attacks in 2022 and beyond, cloud solution providers like Wasabi offer a variety of tools that can bolster defences. Dubbed hot cloud storage with immutability for data protection, Wasabi provides a secure, high-performing, air-gapped and immutable data protection system that’s almost impossible to penetrate.

Consistently and securely backing up applications, configurations and data is the cornerstone of ransomware mitigation; without a secure, offsite backup, there’s very little the health sector can do in the event of an attack but pay the ransom. Immutability, which can be achieved through a Wasabi storage bucket, is essential in ensuring any backup created cannot be tampered with. This means that any data written to the bucket can’t be deleted or manipulated throughout its storage lifetime. Other benefits include preventing encryption by crypto ransomware, while aiding compliance with a swathe of regulations.
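The ‘3-2-1’ rule and the immutability requirement described above can be checked mechanically against a backup inventory. The following Python audit is an added example, not code from the article or from any vendor; the `Copy` record, the 30-day minimum lock period and both sample inventories are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

@dataclass
class Copy:
    name: str
    media: str                           # "disk", "tape", "object-storage", ...
    offsite: bool                        # geographically separate from production
    immutable_until: Optional[datetime]  # retention-lock expiry; None = alterable
    public: bool = False                 # reachable without authentication

MIN_LOCK = timedelta(days=30)  # assumed policy value, not from the article

def audit(copies, now):
    """Return findings for a backup plan; an empty list means it passes."""
    findings = []
    if len(copies) < 3:                          # 3 copies, production included
        findings.append("fewer than 3 copies")
    if len({c.media for c in copies}) < 2:       # 2 different media types
        findings.append("fewer than 2 media types")
    offsite = [c for c in copies if c.offsite]   # 1 copy offsite
    if not offsite:
        findings.append("no offsite copy")
    # Golden copy: offsite AND locked for at least the minimum period from now.
    if not any(c.immutable_until and c.immutable_until - now >= MIN_LOCK
               for c in offsite):
        findings.append("no offsite copy is immutable for the minimum lock period")
    findings += [f"{c.name}: publicly accessible" for c in copies if c.public]
    return findings

NOW = datetime(2022, 5, 18, tzinfo=timezone.utc)  # constructed reference time

# Constructed inventory: moved to the cloud, but bucket is open and unlocked.
WEAK = [
    Copy("prod-san", "disk", False, None),
    Copy("nas-backup", "disk", False, None),
    Copy("cloud-bucket", "object-storage", True, None, public=True),
]
# Constructed inventory: same layout with a private, retention-locked bucket.
STRONG = WEAK[:2] + [
    Copy("cloud-bucket", "object-storage", True, NOW + timedelta(days=90)),
]

if __name__ == "__main__":
    for label, plan in (("weak", WEAK), ("strong", STRONG)):
        print(label, audit(plan, NOW) or "passes")
```

The weak inventory satisfies the copy, media and offsite counts yet still fails, which is the point made earlier that a cloud destination does not remove risk by itself.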

It’s also essential that any ransomware-mitigation solution that healthcare IT deploys is cost-effective, given the need to prioritise expenditure on the front line. The cloud, moreover, is the most feasible in terms of storing data in a secure location off-site. The low cost involved in acquiring Wasabi’s hot cloud storage service, for example, offsets the licensing costs of the backup and recovery tools, reducing the overall cost and improving the expected return on investment dramatically.

Fighting ransomware, particularly for a sector as vulnerable as healthcare, requires engaging in a process of improving and enhancing the technology at your disposal on a continuous basis. It’s also a matter of when, and not if, you’ll suffer a cyber attack. In today’s environment, mitigating ransomware means investing in modern infrastructure and cloud-enabled backup systems that can offer secure and immutable storage. This ensures hospitals can always fall back on a golden copy that’s impossible to tamper with, so there’s no payout to cyber gangs, and patients can continue getting the treatment they need.
