- The author of this article is Mr Raj Sivaraju, President, APAC, Arete
In a country’s socioeconomic landscape, the healthcare sector stands as a key pillar, bolstering the essence of a thriving economy. India, a burgeoning force in the global economy, grapples with the symbiotic relationship between technological advancements and the vulnerability of its healthcare systems. As of December 2023, the Indian healthcare industry reached a value of USD 372 billion, propelled by both the private sector and the government. This growth is largely attributed to the incorporation of cutting-edge technology, benefiting all industry stakeholders, including the medical fraternity and patients.
As digitization envelops healthcare, the synergy between innovation and security becomes paramount. Unfortunately, as technology has progressed, so have the cyber threats that have emerged in the healthcare industry. In this article, we will delve into cyber threats like ransomware and how healthcare organizations can safeguard themselves against the risks these threats pose.
The Ransomware Menace
According to data, nearly 60% of healthcare organizations in India have experienced a cyber threat over the past year. Of these, threat actors were able to encrypt the data in almost 75% of the ransomware cases, marking the highest rate of encryption in the last three years. While the healthcare sector is on the lower end of the spectrum regarding the typical demand amount (USD 132.8k), it jumps to the top of the spectrum in terms of the likelihood of paying ransoms (73.7%).
Phishing is one of the most common ways ransomware is initially introduced into healthcare organizations. Threat actors also employ drive-by compromise, external remote services, and replication via media to introduce ransomware to the healthcare industry.
The Emergence of Ransomware Families
Ransomware-as-a-Service (RaaS) operations have increased multifold in recent times, leading to a spike in ransomware families and the number of members in each “family.” In the simplest terms, ransomware threats are grouped into various families based on their style, code signatures, common commands, and viral payloads. Ransomware families can be volatile, changing names, shifting operations, and even capacities frequently. Government investigations have led to the arrest of many key operators of known ransomware families, but new families remain a threat.
The Need for a Robust Cybersecurity System
As ransomware cases continue to rise, organizations will need to implement controls to mitigate the risk and make it more manageable. Some of these measures include MFA (Multi-Factor Authentication), a multi-step account login process where users need to enter more information than just a password, and EDR (Endpoint Detection and Response), a cybersecurity technology that continuously monitors an endpoint to mitigate threats. These can be game-changers in protecting healthcare organizations from ransomware and other cyber threats.
Having an EDR platform in place ensures stronger protection and minimizes the likelihood of paying a ransom to the threat. Unfortunately, in the case of MFAs, less than one in four healthcare organizations have an MFA in place, while just over half of them report performing regular backups. Organizations that have an MFA system in place only pay 34.4% of the demanded ransom and have a significantly lesser likelihood of paying a ransom (52%), making MFA a crucial measure for companies in the healthcare space to have.
While it’s known that ransomware encrypts the data and demands a ransom, today, threat actors are also breaching sensitive data from victims and threatening to release it unless the ransom is paid. Data encryption, however, is the top technique used for impact in ransomware cases and is used in 100% of the ransomware threats affecting the healthcare sector. To soften the blow of data exfiltration, user training and data backups are the key measures to consider and implement in healthcare organizations.
As India’s healthcare sector navigates the intricate tapestry between technological progress and cybersecurity resilience, the proactive integration of the aforementioned strategies becomes the linchpin in safeguarding the industry and its data. A fortified defense is not merely an option; it’s an indispensable mandate that will ensure the seamless continuity of healthcare services and patient trust.