Healthcare among the top 5 industries the most likely to be hit by ransomware
Healthcare is the fourth most likely industry hit by ransomware, according to the new desk research by NordLocker, a file encryption software . An analysis of 1,200 companies hit by cyber extortion between 2020 and 2021 revealed those parts of the market where ransomware is the most widespread.
NordLocker’s research finds that of 35 identified industries, many ransomware attacks were detected in the healthcare sector, according to a Nordlocker press release. The 64 healthcare-related companies affected range from a French leader in outsourced sterilization of reusable medical devices to a 25-bed critical access hospital providing diagnostic, therapeutic, and preventative care.
The healthcare business might be enticing to cyber racketeers because of the volume of sensitive data available through the attacks. Unlike in other sectors, the information stolen in healthcare cannot be changed upon the detection of the breach.
When ransomware immobilizes healthcare organizations, employees are forced to work with the good old pen and paper. However, when medical staff can’t access critical medical data, the situation becomes a matter of life and death. Last year, police in Germany launched an investigation after a woman died as a result of being transferred to another hospital following a ransomware attack.
Although ransomware attacks are evolving, Nordlocker Security and Encryption Specialist Oliver Noble provides some easy-to-implement cybersecurity tactics to serve your organization as defense:
- Be sure your employees use strong and unique passwords to connect to your systems. Better yet, implement multi-factor authentication.
- Secure your email by training your staff to identify signs of phishing, especially when an email contains attachments and links.
- Implement and enforce periodic data backup and restoration processes. An encrypted cloud might be the most secure solution for this.
- Adopt zero-trust network access, meaning that every access request to digital resources by a member of staff should be granted only after their identity has been appropriately verified.