Cyber Insurer Offers Some Ransomware Insights

MedStar Health's 10 hospitals, and several other North American hospitals, have fallen prey to malware attacks in recent weeks.

The attacks, many involving ransomware, highlight why it's so important for healthcare organizations to take critical steps to avoid becoming the next victim, says technology expert Craig Musgrave of The Doctors Company, a provider of cyber insurance and medical liability coverage.

"The No. 1 issue is social engineering; it's the employee negligence," Musgrave says in an interview with Information Security Media Group. All healthcare organizations "should be providing training for all employees .... [because] over 80 percent of the attacks are made possible by human error where they'll click on a link or open an email attachment. If we can train the staff to avoid downloading [suspicious files] or bringing USB devices into the systems, then that's going to cut out a lot of the [ransomware] events that are happening."

But if an employee does make the mistake of clicking on an attachment that launches malware, healthcare organizations must take swift steps to mitigate the impact, he says.

"From the technical standpoint, the IT department needs to be making sure they have the appropriate controls in place around firewalls, application whitelisting and ... intrusion detection," he says.

"You need to be able to detect that something is going on very quickly so that you can stop it from spreading across the organization," Musgrave explains. "Once you're at that point where you can isolate [an infected] computer and take it off the network, then it gets down to how good are your backups, and can you restore systems as quick as possible."

Some hospitals have been able to recover from ransomware attacks without paying extortionists because they had well-prepared backups that enabled them to restore systems and data reasonably swiftly, he says. But other hospitals have had a more difficult struggle because the ransomware spread to main computer systems within the organization, making it more challenging to mitigate the attack, he says.

Hospital Attacks

In February, Hollywood Presbyterian Medical Center in California confirmed that it paid extortionists a $17,000 bitcoin ransom to unlock its data, which was maliciously encrypted by extortionists using ransomware.

But some other hospitals battling recent ransomware attacks, including Chino Valley Medical Center and Desert Valley Hospital in California, have confirmed that that they were able to recover from the attacks without paying ransoms.

DataBreachToday:

« German Police Catch Suspect in Global Cyber Crime Operation
The Delayed FinTech Revolution »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Digital Infrastructure Association (DINL)

Digital Infrastructure Association (DINL)

DINL is the leading representative for companies and organisations which are active within the Dutch digital infrastructure sector.

Padlock

Padlock

Padlock is a trusted platform with an intimate knowledge of the cybersecurity industry that connects businesses with freelance professionals

Empiric

Empiric

Empiric is a multi-award winning technology and transformation recruitment agency specialising in data, digital, cloud and security.

SOOHO

SOOHO

SOOHO helps to detect security vulnerabilities earlier. Our blockchain security platform audits from smart contracts to on-chain transactions.

CS3STHLM

CS3STHLM

CS3STHLM is the Stockholm international summit on Cyber Security in SCADA and Industrial Control Systems.

AmWINS Group

AmWINS Group

AmWINS are a global specialty insurance distributor with expertise in property, casualty and professional lines including cyber liability.

Havoc Shield

Havoc Shield

Havoc Shield is an all-in-one information security platform that includes everything a growing team needs to secure their remote workforce.

NSR

NSR

NSR provide trusted solutions that deliver positive business outcomes for our clients in cybersecurity and data protection challenges.

Vizius Group

Vizius Group

The Vizius Group are a think tank of cybersecurity consultants who understand the mechanics and business value of risk reduction.

N-able

N-able

N-Able deliver simple and sophisticated monitoring, security, and business solutions that empower you to solve your toughest IT challenges.

Torch.AI

Torch.AI

Torch.AI’s Nexus™ platform changes the paradigm of data and digital workflows, forever solving core impediments caused by the ever-increasing volume and complexity of information.

SecureClaw

SecureClaw

SecureClaw offers specialized cybersecurity consultation, various products, and a range of services to meet your company's business domain needs.

Cork

Cork

Cork is a purpose-built cyber warranty company for managed service providers (MSPs) serving small businesses (SMBs) and the software solutions they manage.

Cyber Intell Solution (CIS)

Cyber Intell Solution (CIS)

Cyber Intell Solution provide expert consulting, specialized products, and tailored operational services to governmental and corporate industry worldwide.

Upwind Security

Upwind Security

Upwind delivers comprehensive cloud security, precisely when and where it’s most critical.

SteelGate

SteelGate

SteelGate’s core capabilities are centered around architecture design and engineering of network, systems, and cybersecurity solutions.