By Mackenna Moralez, Associate Editor

An increase in cybersecurity events in 2022 have left patients feeling vulnerable and exposed. Hospitals and other healthcare facilities have been struggling to keep personal data safe as ransomware groups become more tactical. 

Federal officials have set out alerts for several ransomware groups that have targeted healthcare facilities.  

Royal has become an increasing threat to the healthcare sector. Royal-based attacks have steadily grown over the last three months, according to the notice. Ransom demands have ranged between $250,000 to over $2 million. 

Meanwhile, The Daixin team reportedly has been targeting healthcare systems since at least June 2022. The team has caused ransomware incidents at multiple organizations and has deployed ransomware to encrypt servers, exfiltrated personal identifiable information and patient health information, and it has threatened to release the information if a ransom is not paid.   

It is suggested that cyber groups have targeted hospitals and other healthcare facilities because there is a lack of proper cybersecurity resources, leaving them more exposed and understaffed to handle a sophisticated attack, making them more likely to payout ransom. In addition, attacking hospitals can earn the groups attention and notoriety among other ransomware gangs.  

Every second counts when a cyberattack happens. Without a proper cybersecurity plan or insurance in place, patients and residents can be at risk. According to a report by Ponem Institute and Censinet, 53 percent of respondents in organizations that had a ransomware attack said it resulted in a disruption of patient care. Meanwhile, 21 percent of respondents say ransomware attacks had an adverse impact on patient mortality rates.  

In 2019, a baby born with severe brain injuries in Alabama eventually died due to neglect from the hospital as it was addressing a ransomware attack, NBC News reports. In addition, a German woman died in 2020 after being rerouted to a different emergency room because the closest hospital was dealing a ransomware attack. 

Hospitals and other healthcare facilities are beginning to prioritize cybersecurity within its operations. According to the Ponem Institute report, 60 percent of respondents say their organizations have a continuity plan in place that includes a planned system outage in the event of a ransomware attack. In addition, 33 percent of respondents say their organizations have increased funding to deal with potential attacks.  

Some security strategies to begin implementing include: 

• restriction of network access  
• enhanced physical controls, such as restricted control areas  
• access entitlement that is appropriate to the job function  
• expanded use of automation and artificial intelligence tools for security operations  
• increased accountability among employees  
• enhanced identity and access management techniques. 

Mackenna Moralez is the associate editor for the facilities market.