Cyber warriors in healthcare are on high alert as Russia’s invasion of Ukraine marks 2022 as a year of increased threat following a record number of healthcare cyberattacks last year.
On Feb. 23, the day after Russia’s invasion began, the American Hospital Association (AHA) issued a cybersecurity advisory to its members stating that that they should be on guard as “hospitals and health systems may be targeted directly by Russian-sponsored cyber actors.” It added that “AHA’s concerns are heightened by the Russian military’s previous behavior of utilizing cyber weapons in support of military actions against Ukraine,” noting the 2020 NotPetya malware incident.
The U.S. Cybersecurity Infrastructure Security Agency (CISA) then issued an infrequent “shields up” warning to government agencies and private sector players including healthcare providers.
News site Fierce Healthcare reported in February that breaches hit an all-time high last year, affecting 45 million peoples’ records. While some malware, like NotPetya, is designed for disruption, others are created for fraud, and of those, perhaps the most feared — and effective — is the ransomware attack.
Last week, the Department of Health and Human Services (HHS) released the report “Analysis of the Russia/Ukraine Conflict,” which lists several known ransomware attacks on hospitals and health systems through last year.
See also: Ransomware Affects 58% of Health Orgs
Healthcare Ransomed
HHS advises hospitals and healthcare providers to create cyber-incident response plans to keep critical functions up and running if tech systems are disrupted or need to be taken offline.
“Hospitals and health systems should implement 4- to 6-week business continuity plans and well-practiced downtime procedures,” it cautions.
That guidance aligns with the Cyber Incident Reporting for Critical Infrastructure Act (HR 5440), signed into law March 15 as part of the $1.5 trillion fiscal 2022 spending package. The act makes reporting of ransomware attacks and demands within mandatory within 72 hours.
“This information will fill critical information gaps and allow us to rapidly deploy resources and render assistance to victims suffering attacks, analyze incoming reporting across sectors to spot trends, and quickly share that information with network defenders to warn other potential victims,” CISA Director Jen Easterly said in a statement.
Read also: Maryland’s Department of Health Faces Ransomware Attack
The administration has categorized healthcare and public health as critical infrastructure sectors needing special cybersecurity protection and vigilance, especially after the invasion.
Fighting Ransomware-as-a-Service
The troubling rise of Ransomware-as-a-Service (RaaS) is making attacks easier to launch and shows how well equipped cyberthieves are becoming.
Cybersecurity firm CrowdStrike, a top performer in PYMNTS CE100 Index, noted in a February blog post that RaaS kits now allow bad actors without the skills or resources to develop their own ransomware to get their criminal enterprises up and running easily — much as anyone else purchasing any other out-of-the-box software solution would.
“A RaaS kit may include 24/7 support, bundled offers, user reviews, forums and other features identical to those offered by legitimate SaaS providers,” Strike said. “The price of RaaS kits ranges from $40 per month to several thousand dollars — trivial amounts, considering that the average ransom demand in 2021 was $6 million.”
Artificial intelligence (AI) is at the vanguard of the fight against healthcare fraud.
According to AI In Focus, a collaborative study by PYMNTS and Brighterion, a Mastercard company, 100% of health insurers with over $1 billion in revenue plan to invest in AI in the next one to three years, in no small part to beef up cybersecurity. Nearly 90% with revenues between $100 million and $1 billion are planning similar investments.
Get the study: The Healthcare Technology Roadmap
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More