Next Level Ransomware: Why They Target Healthcare Industries?
The more ransomware – and the cybercriminals responsible for it – has evolved in recent years, the more we can see that the “code of conduct” previously upheld by cybercriminals distributing ransomware is disappearing. Ransomware has gone from dark to really, really dark. Placing people in physical danger was never the intent of ransomware, but the wrong tool in the wrong hands can wreak havoc.
The main reason cybercriminals target medical institutions is that hospitals hold vast amounts of patient data (medical histories, drug prescriptions, allergies, etc.) that they rely on heavily to provide patients with the care they need. And because patients’ lives are at stake when that data is being held hostage, cybercriminals have almost a 100% guarantee that they will receive their ransom money. It’s shocking to think that ransomware criminals would exploit the situation by placing medical caregivers in such a state of desperation that they have no choice but to pay the ransom.
They’re After More Than Money
Unfortunately, the reasons behind hospitals and medical facilities being targeted get more complex. The sensitive data mentioned before is quite a valuable commodity on cyber black markets. Medical histories, patient information and drug prescriptions are more sought after and more valuable than even credit card information. So when the ransomware has encrypted the data of the targeted healthcare facility, it has probably already stolen the information too, placing the ransomware criminals in a position of power: they already have what they want, and what is to stop them from demanding more ransom, or worse, deleting all the data?
A Good Reason Not to Pay the Ransom
This horrific exploitation of human desperation is a very good reason not to pay for the ransomware decryption key and to stop granting cybercriminals the flourishing business opportunity that is ransomware. Unfortunately, when faced with the decision between a life and paying the ransom, one can see the logic behind giving the criminals what they want. This perpetuates the ransomware market and encourages criminals to believe that easy money can be made by peppering healthcare industries with ransomware.
So What Should Be Done?
Once again this brings us back to the fact that a comprehensive backup strategy and disaster recovery plan is really the only fail-safe method of surviving a ransomware attack. Most hospitals pay the ransom not only because they have no other choice but also because of time constraints. They believe that data restores, or even a full system restore, would take longer to get the data back than paying the ransom. So if someone’s life is at stake, the quickest method becomes a no-brainer.
However, reputable backup service providers that aim to be market leaders in data protection and recovery should heed this need for instant access to backed-up data and seize the opportunity to provide such features in their software. This type of immediate restore should be compulsory for all industries that would suffer if access to their data is denied.
If your current backup service provider can’t accommodate instant access to your data, perhaps it is time to change.