October 29, 2020
FBI Warns Healthcare Industry of Ransomware Attacks
For managed service providers (MSPs) serving the healthcare industry in the wake of a global pandemic, security is possibly more important than ever as cases of COVID-19 spike across the United States. Federal agencies are now warning of targeted cyber attacks on the public health sector that aim to infect its systems with the Ryuk variant of ransomware and extort financial payment.
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) issued the alert late yesterday stating there is an “increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” The key findings include:
- CISA, FBI, and HHS assess malicious cyber actors are targeting the HPH Sector with Trickbot malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services.
- These issues will be particularly challenging for organizations within the COVID-19 pandemic; therefore, administrators will need to balance this risk when determining their cybersecurity investments.
“This news is unfortunately not surprising. As the global pandemic worsens in the U.S. and across the world, the vulnerability of healthcare providers is something MSPs should be taking very seriously, especially where the MSP manages SMBs in healthcare,” said Ryan Weeks, CISO at Datto. “This is not the first time during the pandemic that threat actors have taken advantage of critical healthcare service providers for their own financial gain, but it has the potential to be the largest attack of its type. MSPs and healthcare providers need to audit their security posture and urgently implement stronger countermeasures to limit potential damage.”
It’s also important to remember that MSP clients aren’t the only ones being targeted. Four in five MSPs agree that their own businesses are being increasingly targeted by ransomware attacks. To avoid greater risk, MSPs should:
- Ensure their own infrastructure is secure. Our information security team found MSPs have a false sense of security when it comes to their own business. Ensure you’ve taken the necessary precautions.
- Educate their clients. A successful ransomware attack can often be avoided with proper cybersecurity training. Make it a regular offering for your clients.
- Follow best practices to avoid an attack. Prioritizing your to-do list can make it more manageable. Follow these best practices to get started.
Remain vigilant and communicate these risks to your clients, in the healthcare industry or otherwise. An attack could directly impact the timely medical care needed for your clients’ patients.