Take action to prevent ransomware attacks

By Philips ∙ August 26, 2024 ∙ 4 min read


Healthcare is a critical, vulnerable and high-value target for cyber criminals. Spurred on by rampant system obsolescence and high-value data, annual ransomware attacks on healthcare institutions have nearly doubled since 2022.[1] The complex infrastructure and integration of dozens of connected devices make defense of hospital systems particularly difficult. However, medical systems are designed to withstand the threats that healthcare is facing. Data security best practices, bolstered by Philips healthcare-specific technology and solutions, can help you defend against ransomware attacks.

At a glance

  • Ransomware attacks against healthcare organizations are on the rise
  • Proactive risk management is crucial to combat this trend
  • Philips adheres to a comprehensive Product Security strategy to protect medical devices and image management systems from cyber threats
  • Philips HealthSuite Imaging Data Protection helps ensure regulatory compliance, high durability and quick data recovery without disrupting onsite medical imaging workflow and PACS configuration


The effects of ransomware attacks on healthcare organizations are far-reaching. A study of ransomware attacks perpetrated against healthcare organizations between 2016 and 2021 found that 44.4% of the attacks disrupted delivery of healthcare, including electronic system downtime (41.7%), cancellations of scheduled care (10.2%) and ambulance diversion (4.3%).[2] Citing initial findings of a study, a health economist at the University of Minnesota said in-hospital mortality increases about 20-35% for patients who have the misfortune to be admitted to a hospital when it goes through a ransomware attack.[3] Ransomware can also affect your administrative operations, including billing and payroll, and result in significant reputational harm.

Cyberattacks can disrupt critical systems, making data inaccessible and jeopardizing the ability of health systems to maintain patient safety and provide timely care. Ultimately, patients suffer the most in these situations. Clinicians may be unable to perform procedures or prescribe medication, while pharmacies struggle to access information for fulfilling prescriptions. Furthermore, the organization's billing processes become inefficient, affecting the number of patients it can accommodate.

44.4% of ransomware attacks disrupted delivery of healthcare.[2]

However, you are not at the mercy of cyber criminals. There are steps that you can take to mitigate your risk of a ransomware attack, including understanding why healthcare organizations are at risk, how cyber criminals operate and how partnering with companies like Philips that prioritize cybersecurity in software development can help protect your organization.

Why are health systems vulnerable to attack?

Health systems are particularly attractive targets for ransomware, due to a combination of digitalization of healthcare information, complex networks with many points of access, devices that have not been updated with the latest security software, human factors and lack of control.

Medical devices and low-security wearables are increasingly connected to the internet, providing gateways to hospital networks. In particular, devices with infrequent patch cycles may lack protection against the latest malware. Another factor is that the supply chains in healthcare have become increasingly complex and even the smallest healthcare system involves many moving parts. This complexity, compounded by the many third-party vendors and suppliers that are connected to hospital systems, makes it nearly impossible for hospitals to have full visibility and control over every aspect of their networks and amplifies the risk and potential effect of a cyberattack.

Among the human factors are clinical and administrative workforce shortages. Given fewer staff and longer working hours, cybersecurity can become deprioritized, leading to mistakes and opening the door for cyberattacks.

Cybersecurity education may also be deprioritized, leading to employees unwittingly helping cyber criminals. The National Institute of Health reported that 90% of breaches begin through phishing (mass email) or spear phishing (targeted emails).[4] In both cases, hackers use deceptive emails or websites to gather information – for example, PACS login credentials. The report cited an American study that found healthcare workers clicked on one out of every seven simulated phishing emails.

The cost of security breaches in the healthcare industry: In 2024, the average cost of a healthcare data breach is $9.77 million.[5]

Why are cyberattacks on healthcare profitable?

Electronic health records (EHRs), which have facilitated the ability to efficiently share up-to-date patient data for better patient care, also provide a target-rich environment of valuable data that is very attractive to cybercriminals.

Once ransomware encrypts an organization’s files, it prompts the user to pay a ransom. For the impacted healthcare organization, it’s a race against the clock to re-establish control of its system access and/or patient data. For a large health system, backing up millions of records is a time-consuming process that can’t be accomplished in the time allotted, and the hackers are all too aware of that. If a data backup is unavailable or those backups were themselves encrypted, the victim is faced with paying the ransom to recover files.[6] In many cases, healthcare organizations are willing to pay to restore services and avoid public embarrassment and loss of trust.

Even if the healthcare organization refuses to pay, the threat actors can still make money by selling the information on the dark web. Protected health information (PHI) is more valuable than other data because it can be broadly exploited, including to file fraudulent insurance claims, purchase false prescriptions or receive treatment.[7] Stolen records are a commodity, and how much they sell for depends as much on the source as it does on supply and demand. In a March 2024 broadcast, a cybersecurity researcher interviewed on CNBC said that medical records are sold for approximately $60 on the dark web, compared to Social Security numbers at $15 and credit card information at $3.[8]

What can health systems do to mitigate ransomware attacks? 

Cedric L. Truss, Program Director and Clinical Assistant Professor of Health Informatics at Georgia State University, recommends that organizations take several logical steps to prevent a ransomware attack,[6] including:

  • Backing up network/systems on a regular basis
  • Providing adequate security awareness training to all employees on information security
  • Ensuring security software is current on systems 
  • Performing regular risk assessments
  • Validating firewalls that protect the hospital network

What does Philips do to protect imaging systems?

Philips adheres to a comprehensive cybersecurity policy that includes staying on top of emerging security vulnerabilities and potential external threats and collaborating with regulatory agencies, industry partners and healthcare providers, among others, to close security loopholes and implement safeguards.


Radiology Informatics implements cybersecurity guidelines throughout the full lifecycle of its product and services development. Radiology Informatics development fully embeds valuable security standards like NIST, ISO, DICOM, IHE and DIACAP (now RMF). Additionally, we carefully review international laws ranging from HIPAA to the EU Data Protection Directive to identify product requirements and implement the latest guidance. The Product Security Framework ensures medical devices are designed with a defense-in-depth strategy, incorporating multiple layers of security controls spanning application, computing, data and network security. These controls, aligned with global security standards, are meticulously integrated into our medical solutions to mitigate cyber threats effectively.


In line with industry-standard best practices, the cybersecurity measures we implement in radiology informatics include:

  • Physical security
  • Operational security
  • Procedural security
  • Risk management
  • Security policies
  • Contingency planning

Within our threat response framework, safeguarding the security of vital assets such as the Vue PACS and Image Management Software is our top priority at the 24/7 Philips Security Operations Center (SOC).* We employ a comprehensive approach tailored to swiftly and effectively address cybersecurity challenges. Our multifaceted strategy integrates proactive measures such as continuous monitoring and threat detection – leveraging state-of-the-art technologies.

In addition, for customers relying on an on-premises PACS/image management system, Philips Radiology Informatics provides the Philips HealthSuite Imaging Data Protection offering, a new service that empowers healthcare organizations to protect their medical images and PACS file systems from threats, including cyberattacks, viruses and natural disasters, leveraging Amazon Web Services (AWS) technology. AWS's advanced security features include encryption in transit and at rest and compliance with over 50 global standards. This robust protection further minimizes the risk of ransomware attacks, ensuring that critical medical imaging data remains secure and accessible and allowing healthcare organizations to maintain uninterrupted patient care.


The Philips HealthSuite Imaging Data Protection offering ensures regulatory compliance, high durability and quick data recovery in case of disasters without disrupting the onsite medical imaging workflow and PACS configuration. The service eliminates the need for on-site backups, reduces management burdens and offers cost-effective scalability, enabling healthcare organizations to focus on patient care without compromising data integrity.


Footnotes
 

[1] Ransomware Attacks Surge in 2023; Attacks on Healthcare Sector Nearly Double. CTIIC. 28 February 2024. www.dni.gov/files/CTIIC/documents/products/Ransomware_Attacks_Surge_in_2023.pdf

[2] Neprash H. McGlave C. Cross D. et al. Trends in Ransomware Attacks on US Hospitals, Clinics and Other Health Care Delivery Organizations, 2016-2021. JAMA Health Forum. 2022;3(12):e224873. doi:10.1001/jamahealthforum.2022.4873.

[3] Levi R. Ransomware Attacks Against Hospitals Put Patients’ Lives at Risk, Researchers Say. Morning Edition. October 20, 2023. www.npr.org/2023/10/20/1207367397/ransomware-attacks-against-hospitals-put-patients-lives-at-risk-researchers-say

[4] Owens B. How Hospitals Can Protect Themselves from Cyber Attack. CMAJ. 2020 Jan 27; 192(4): E101–E102. doi: 10.1503/cmaj.1095841 www.ncbi.nlm.nih.gov/pmc/articles/PMC6989022/

[5] Southwick R. Healthcare data breaches remain most expensive of any industry. Chief Healthcare Executive. 30 July 2024. www.chiefhealthcareexecutive.com/view/healthcare-data-breaches-remain-most-expensive-of-any-industry

[6] Truss C. Taking Steps to Prevent the Rise of Ransomware Attacks in Healthcare. August 24, 2021. www.himss.org/resources/taking-steps-prevent-rise-ransomware-attacks-healthcare

[7] Why is PHI Valuable to Hackers? Blog. January 25, 2022. www.accountablehq.com/post/why-is-phi-valuable-to-hackers/

[8] Diaz N. How Much Money Are Hackers Selling Medical Records For? Becker’s Health IT. March 15, 2024. www.beckershospitalreview.com/cybersecurity/how-much-money-are-hackers-selling-medical-records-for.html

*Availability restricted to some geographical areas
