The threat of ransomware has swelled in recent years, with the indiscriminate WannaCry attack five years ago perhaps the first major incident to ring the alarm bells in the eyes of the public after it crippled the NHS. Indeed, while all sectors are vulnerable to ransomware – and can be targeted at any time – the health sector is especially susceptible. Attacks, too, must be headed off with more urgency. This isn’t just because healthcare, like much of the public sector, is lumbered with legacy IT and outdated processes, but the consequences of an attack might be particularly devastating for patients.
Ireland’s Health Service Executive (HSE), for example, was hit by a ransomware attack last May and was still in the process of recovering as late as September. The NHS, meanwhile, suffered losses of £92 million following the WannaCry attack. Healthcare services across the world have, since 2017, sought to rectify the issues that render them so vulnerable, seeking out systems developed by vendors like Wasabi to patch manifold issues including outdated infrastructure and insufficient backup provision. Despite these efforts, the health sector remains very much at risk.
Cause and effect
While it’s valid to question why healthcare is particularly vulnerable, it’s also worth pondering why ransomware gangs so frequently target institutions like hospitals. “Hackers are in the business of extorting as much money as possible by hitting organisations where they can inflict as much pain as possible,” says VP analyst for security and risk management at Gartner, Katell Thielemann. “When it comes to hospitals, particularly in the middle of a pandemic, they cannot take care of patients without technology, and they have been very responsive to ransomware demands, which just incentivises hackers to strike more.”
Beyond a compulsion to pay, in order to restore services and prevent patient harm, the sector also houses a goldmine of data including personal details and financial information. All these factors, combined with the stresses created by COVID-19, has unsurprisingly led to incidents rising in astonishing fashion.
The sector, too, suffers from a number of unique challenges, many of which centre around the growing volume of data held by healthcare services. “Their architecture is typically very complex,” continues Thielemann, adding that “the operational environment is very fluid with crisis after crisis and people coming and going around the clock”.
Beyond personal patient details, organisations host clinical information such as reports, scans, and genomic data. Much of this is also stored in on-premises infrastructure, as opposed to a streamlined, secure and accessible cloud-based platform.
With digital transformation on the agenda for many sectors, including healthcare, the transition of data from local, on-premises storage to the digital sphere over the last few years has also expanded the attack surface. The use of Internet of Things (IoT) devices in medical contexts, moreover, has inevitably opened more gateways into the sector. As Thielemann puts it: “They are full of all kinds of connected medical equipment that create a cyber-physical continuum of threats.”
The lack of modernised and state-of-the-art backup facilities is yet another thorn in the side of healthcare. Deemed the last line of defence against ransomware, backup systems ensure organisations minimise downtime and recover from attacks as quickly as possible. Multiple backups are preferable, as is ensuring geographical separation between backup copies enabled through cloud storage; in keeping with the ‘3-2-1’ rule.
Getting your backup strategy right, however, demands precision, given that opting for a cloud solution doesn’t eliminate risk in and of itself. These systems may still leave organisations vulnerable through misconfigured buckets, exposed remote desktop services and viruses that can slip into a network and inadvertently get uploaded to the cloud as part of a backup process.
The golden copy
For healthcare organisations seeking to raise their resilience against ransomware attacks in 2022 and beyond, cloud solution providers like Wasabi offer a variety of tools that can bolster defences. Dubbed hot cloud storage with immutability for data protection, Wasabi provides a secure, high-performing, air-gapped and immutable data protection system that’s almost impossible to penetrate.
Consistently and securely backing up applications, configurations and data is the cornerstone of ransomware mitigation, and there’s very little the health sector can do but pay the ransom in the event of an attack without a secure, offsite backup. Immutability, which can be achieved through a Wasabi storage bucket, is essential in ensuring any backup created cannot be tampered with. This means that any data written to the bucket can’t be deleted or manipulated through its storage lifetime. Other benefits include preventing encryption by crypto ransomware, while aiding compliance with a swathe of regulations.
It’s also essential that any ransomware-mitigation solution that healthcare IT deploys is cost-effective, given the need to prioritise expenditure on the front line. The cloud, moreover, is the most feasible in terms of storing data in a secure location off-site. The low cost involved in acquiring Wasabi’s hot cloud storage service, for example, offsets the licensing costs of the backup and recovery tools, reducing the overall cost and improving the expected return on investment dramatically.
Fighting ransomware, particularly for a sector as vulnerable as healthcare, requires engaging in a process of improving and enhancing the technology at your disposal on a continuous basis. It’s also a matter of when, and not if, you’ll suffer a cyber attack. In today’s environment, mitigating ransomware means investing in modern infrastructure and cloud-enabled backup systems that can offer secure and immutable storage. This ensures hospitals can always fall back on a golden copy that’s impossible to tamper with, so there’s no payout to cyber gangs, and patients can continue getting the treatment they need.
Learn more about Wasabi’s hot storage and immutable backups services
-
RSAC Conference 2025: The front line of cyber innovationITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
Anthropic CEO Dario Amodei thinks we're burying our heads in the sand on AI job lossesNews With AI set to hit entry-level jobs especially, some industry execs say clear warning signs are being ignored
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker groupNews An analysis of May's SQL database dump shows how much LockBit was really making
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabsNews An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
-
US healthcare firm postponed procedures after cyber attack knocked systems offlineNews The incident at Kettering Health disrupted procedures for patients
-
It's been a bad week for ransomware operatorsNews A host of ransomware strains have been neutralized, servers seized, and key players indicted
-
Everything we know about the Peter Green Chilled cyber attackNews A ransomware attack on the chilled food distributor highlights the supply chain risks within the retail sector
-
US healthcare data breaches are out of control – over 400 million patient records have been exposed in the last two yearsNews There's been a huge surge in the number of healthcare data breaches in recent years
-
Scattered Spider: Who are the alleged hackers behind the M&S cyber attack?News The Scattered Spider group has been highly active in recent years
-
More than 5 million Americans just had their personal information exposed in the Yale New Haven Health data breach – and lawsuits are already rolling inNews A data breach at Yale New Haven Health has exposed data belonging to millions of people – and lawsuits have already been filed.
