By ensuring vulnerability management, focusing on remediation, and learning from other victims, organizations can minimize their chances of becoming repeat victims of healthcare ransomware attacks, Health IT Security reports.
A ransomware attack on healthcare can disrupt EHRs, cause data encryption, divert ambulances, and cause other disruptions. After an attack, healthcare organizations must work quickly to restore critical operations and ensure patient safety.
Despite a comprehensive incident response plan, organizations may overlook critical considerations during the rapid response and recovery process, making them vulnerable to future attacks.
A 2022 study by Cybereason found that organizations that pay the ransom are more likely to be victimized again in the future. Surveyed cybersecurity professionals from diverse sectors (including healthcare) were hit again for a higher ransom less than a month after paying the ransom.
Even though risk cannot be eliminated, organizations can reduce the likelihood that they will fall victim to repeat healthcare ransomware attacks. This is done by ensuring that they have a thorough vulnerability management process, learning from other healthcare organizations, and remediating properly the first time around.
According to a Sophos report from August 2022, more organizations in a variety of industries have been attacked multiple times within a few hours, days, weeks, or months. According to Sophos, most of these incidents were caused by exploitable vulnerabilities and misconfigurations left by earlier attackers.
“Getting back to working order is all well and good, but if you are already having downtime because of a successful attack, adding a couple of minutes or hours to that downtime to make sure it doesn’t happen again is a worthwhile investment.”