The healthcare industry is disproportionately impacted by cybersecurity threats on an annual basis. The Center for Internet Security is stepping in to help.
Threat actors around the globe have often targeted the healthcare industry. It’s a soft target, especially for ransomware: healthcare facilities need their systems to be up and running, so the likelihood of success is greater than in other industries. Plus, healthcare facilities collect a plethora of data for determining proper medical treatment, data that is valuable to anyone who knows where to sell it. When you have a literal gold mine, and no moral compass, it’s easy to see why threat actors target healthcare so often. But there is a light at the end of the tunnel: the Center for Internet Security (CIS) is now offering ransomware protection to all U.S. hospitals at no cost.
The COVID-19 pandemic saw a dramatic increase in cybersecurity problems, especially toward the end of 2020. No industry went unaffected, but the healthcare industry was disproportionately affected due to the rise in coronavirus cases. This is the thought process of a threat actor with no moral compass: First, I’m going to target an industry that is grounded in helping people, no matter what. Then, I’m going to render their systems useless so that the people they are trying to help cannot get the level of care they need. Next, I’ll demand a ransom in order to get their systems back online. While they figure out how to pay the ransom, I’ll be busy making copies of all the data of sick people they have on file. When the ransom is paid, I’ll unlock their systems, but I won’t delete the data.
People tend to think of hacking, phishing and even forging documents as “victimless” crimes, but they absolutely are not, especially when dealing with the healthcare industry. There was the woman in Germany, in life-threatening condition, who went to the emergency room only to be told that she needed to go to a different hospital. That one couldn’t help her because their systems were locked by ransomware. She died. There are people connected to the computer systems in every healthcare facility who can be adversely affected should the facility become compromised. This isn’t a victimless crime.
There are plenty of statistics to share regarding the healthcare industry and cybersecurity, but there are two to highlight here. According to Varonis, the healthcare industry lost an estimated $25 billion to ransomware attacks in 2019, and more than 93% of healthcare organizations experienced a data breach in the past three years. That second one should really make the hair on the back of your neck stand up; it’s a huge number. How many times have you gone to the doctor in the last three years? Your children? Your parents?
With all of this taken into consideration, the CIS is offering protection to all U.S. hospitals at no cost, no questions asked. The service is called the Malicious Domain Blocking and Reporting (MDBR) service. It automatically blocks domains associated with cyber threats, including ransomware, malware and phishing. CIS and Akamai partner to power and maintain the systems that provide this service, which takes effect once the organization switches its DNS provider to Akamai.
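Because the blocking is applied at the DNS provider, it only covers lookups that actually reach that provider, so a useful check after the switch is to look for hosts still sending DNS somewhere else. The following is an added example, not CIS or Akamai code; the resolver and forwarder addresses (documentation ranges) and the firewall log format are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumption: placeholder addresses from documentation ranges, NOT real
# MDBR/Akamai resolver addresses. Replace with the ones issued at onboarding.
FILTERING_RESOLVERS = {"192.0.2.53", "192.0.2.54"}
INTERNAL_FORWARDERS = {"10.0.0.10"}  # internal DNS server that forwards upstream
ALLOWED_DNS_DESTS = {ipaddress.ip_address(a)
                     for a in FILTERING_RESOLVERS | INTERNAL_FORWARDERS}
DNS_PORTS = {53, 853}  # plain DNS and DNS over TLS; DoH on 443 is not visible by port

# Constructed firewall log: "timestamp src dst proto dport action"
SAMPLE_LOG = """\
2021-03-01T08:00:01Z 10.0.0.10 192.0.2.53 udp 53 allow
2021-03-01T08:00:02Z 10.0.4.21 10.0.0.10 udp 53 allow
2021-03-01T08:00:05Z 10.0.4.77 198.51.100.8 udp 53 allow
2021-03-01T08:00:09Z 10.0.4.77 198.51.100.8 tcp 53 allow
2021-03-01T08:00:11Z 10.0.9.5 203.0.113.9 tcp 853 allow
2021-03-01T08:00:12Z 10.0.9.5 203.0.113.9 tcp 443 allow
2021-03-01T08:00:15Z 10.0.4.30 198.51.100.8 udp 53 deny
malformed line
"""

def find_dns_bypass(log_text):
    """Map each source host to the unapproved DNS destinations it reached."""
    bypass = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip lines that do not match the assumed format
        _, src, dst, _proto, dport, action = parts
        try:
            ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            port = int(dport)
        except ValueError:
            continue  # unparsable address or port
        if action != "allow" or port not in DNS_PORTS:
            continue  # only DNS flows that actually left the network matter
        if dst_ip in ALLOWED_DNS_DESTS:
            continue  # lookup goes through the filtered path
        bypass[src].add(f"{dst}:{port}")
    return {src: sorted(dests) for src, dests in bypass.items()}

if __name__ == "__main__":
    for host, dests in find_dns_bypass(SAMPLE_LOG).items():
        print(f"{host} bypasses the filtering resolver via {', '.join(dests)}")
```

Hosts that show up here resolve names without the blocklist being consulted; an egress rule that allows DNS only to the approved destinations closes that gap.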
“The CIS Board of Directors prioritized making MDBR service available to all public and private U.S. hospitals at no cost, through both the MS-ISAC for public hospitals, and a $1 million investment of CIS funds for private hospitals this year. CIS is fully funding this for private hospitals at no cost, and with no strings attached because it’s the right thing to do and no one else is doing it at scale,” said Ed Mattison, Executive Vice President of CIS Operations and Security Services. “The COVID-19 pandemic has made hospitals an even larger target for malicious cyber threats than they were already. While other commercial cybersecurity organizations are certainly supporting hospitals and hospital systems, our nonprofit status and mission focus enable us to offer this service at no cost and at scale to any hospital or system that can benefit from it,” he said.
This service will provide a huge boost to the U.S. healthcare industry. Most healthcare facilities suffer from a few problems with security:
1. They lack the budget.
2. They lack the knowledge.
3. They lack the technology.
4. They lack the staffing.
5. It’s not a priority; their priority is saving people’s lives.
It’s not that they don’t care. They absolutely care, but their main priority is to help sick people get better. So it’s not a surprise that the entire industry lags in cybersecurity, which is what makes this service so helpful. Blocking potentially malicious domains before they get in is a big step in the right direction.
The next step, though, is getting the word out and making sure these facilities get the protection they need. Having a service like this is fantastic, but it means nothing if no one uses it. IT leaders at healthcare facilities should be taking a hard look at this service and presenting it to decision-makers. It’s not a failsafe, it’s not 100% foolproof and it’s not going to replace your IT team. It is an added layer of protection, something every healthcare facility can benefit from.