Ransomware – What Is the Cure for Hospitals?

Chuck BrooksArchitect, Healthcare Solutions August 9th 2016

Recently, ransomware has made mainstream media headlines with many hospitals and healthcare organizations being named as noteworthy targets. Additionally, earlier this year, Healthcare IT News and HIMSS Analytics found that as many as 75 percent of U.S. hospitals that they surveyed could have been hit with ransomware in the last year, meaning that only 25 percent either were unsure if they were targeted or did not experience a breach. The survey also found considerable uncertainty, unclear business continuity plans and the need for more effective end-user education within hospitals across the industry. At the same time, ransomware attackers have upped the ante with attacks that encrypt not just files on an individual computer, but on core servers that can prevent an entire organization from accessing shared files and databases.

These findings are important because hospitals and healthcare facilities house endless amounts of critical patient data on their servers and medical devices, and any disruption can have a much more dire impact than it would on other organizations vulnerable to malware-based extortion. Because of this, hackers see healthcare organizations as more likely to pay the ransom, further underscoring the need to maintain an effective network security posture. Fortunately, this recent surge in ransomware attacks on hospitals is driving healthcare organizations to consider new and improved approaches to dealing with this evolving threat.

With this knowledge, hospitals must reevaluate how they are putting medical devices and other critical patient data on their networks and be proactive about security concerns related to patient information. Rather than relying on outside departments to alert them about medical device concerns, hospital IT departments need to identify abnormal network activity and address it accordingly. At Extreme, we’re focused on ensuring that hospitals and healthcare facilities are operating with a secure network by using multiple approaches. ExtremeControl gives the IT team the ability to apply policy from any network node to any individual device accessing the network, whether it is a patient device or a life critical medical device. ExtremeManagement provides efficient and centralized control of both wired and wireless network infrastructure as well as resources that simplify management, ease troubleshooting and enhance network reporting. And, with ExtremeAnalytics, we provide visibility into application usage across the entire network to protect against suspicious or malicious use of the network and its valuable resources.

It is obvious that the industry must do more in terms of evaluating network security in order to ensure patient safety and confidentiality. However, we are making progress by supporting proactive security measures, and with our approach to evaluating network activity we are able to adequately address abnormalities as they arise. Information security professionals, technology executives and administrators need to work together to identify and defend against cyber incidents of all kinds, especially ransomware.