By Marcus Chung, CEO, BoldCloud.
For the second straight year, ransomware attacks accounted for over 70 percent of all malware incidents in the healthcare sector, according to the recently issued 2019 Verizon Breach Investigations Report. Beazley reported that almost half of the ransomware incidents reported in 2018 involved healthcare companies, while CSO Online estimates that healthcare-related malware attacks will likely quadruple by 2020.
Adding salt to the wounds, a private practice in Battle Creek, Michigan, was forced to close its doors in the aftermath of a devastating healthcare ransomware attack in 2019—the first public report of a ransomware-related business failure. Every day we read about another headline breach in healthcare.
Being in the ransomware hot seat is a lot to swallow for an industry responsible for the security of our most sensitive data. And therein lies part of the problem. Cybercriminals are always after the most lucrative targets and they have learned that healthcare providers are more likely to pay the ransom to get their patients’ data back.
CEO of A1care, Percy Syddall, a 25-year healthcare veteran who helps grow and manage businesses in the Home Care field is sharing his story to help others avoid the business disruption and financial woes caused by cybercriminals. Syddall said, “I always strive to do what is best for my clients, which includes leveraging innovative technologies and maintaining the privacy of their personal data. Still, our company was attacked by ransomware, which almost forced us out of business. The cybercriminals threatened to expose private client data if we did not pay the ransom.”
“The hardest thing I’ve ever had to do was call each client and explain that the personal information they trusted my business to protect, may have been compromised. At that time, very little was known about ransomware and I ended up paying the ransom to get my client data back,” continued Syddall.
Even though medical records contain rich personal health information (PHI) that can be sold for high value, cybercriminals are discovering they can get faster payment through ransomware. Unlike stolen medical records that take time to acquire and commoditize, ransomware locks healthcare professionals out of critical systems and demands payment or immediate action.