Healthcare data breaches reached a record high in 2021. Indeed, healthcare now sees more cyberattacks than any other industry. Fully one-third of all cyberattacks are aimed at healthcare institutions. Why? Because healthcare is a valuable and vulnerable target.
Hackers go after healthcare because patient data and hospital systems are lucrative prey. Hackers know they can demand a high ransom if they compromise patient data or healthcare systems. They also know healthcare organizations will likely pay the ransom—and fast—because compromised data and systems can cost lives in a hospital setting. Hospitals, of course, rely on constant and immediate access to patient data to deliver care. People may get sicker and die if they don’t have that access. Almost one-fourth of healthcare institutions hit by a ransomware attack in 2019 and 2020 reported increased patient death rates after the attack.
Unfortunately, attacks on healthcare will only increase in the years ahead. Some hacking groups focus solely on attacking healthcare organizations. In April, the Department of Health and Human Services warned the healthcare industry about “an exceptionally aggressive” ransomware gang called Hive dedicated to targeting healthcare. Hive employs double extortion. It demands one payment to unlock data it has encrypted and another to prevent the data from being publicly released.
Defend Your Data With Air Gapping
Ransomware works by spreading across all copies of your data, including primary, secondary, and backup data. Attackers then encrypt or exfiltrate the data. Air gapping is one of the most practical and effective ways to secure backup data against a ransomware attack.
There are two types of air gapping. The first is traditional, physical air gapping, in which you disconnect the digital asset from all other devices and networks. This air gapping is the ultimate cybersecurity measure because it creates a physical separation between a secure network and any other computer or network. You store backup data on media such as tape or disk using a physical air gap, disconnecting these media entirely from their production IT environment.
The second type of air gapping is called logical air gapping. A logical air gap relies on network and user-access controls to isolate backup data from your production IT environment. It’s like a one-way street where data is pushed to its intended destination, whether a storage device on-premises or a custom appliance. The key here is that the control and management of that data—such as how it is retained or who can modify it—is unavailable through that same system or path. Anyone who wants to manage or alter the data must use entirely different authentication channels.
The beauty of air gapping is that it makes it nearly impossible for ransomware to compromise your data backups. It’s almost as if your data is wearing a cloak of invisibility, making it impervious to any malware that manages to enter your network.
Add a Last Line of Defense: The 3-2-1-1 Data Protection Strategy
Your healthcare organizations can also add a last line of defense against ransomware by employing a 3-2-1-1 data protection strategy. In this approach, you maintain three backup copies of your data on two different media, such as tape and disk, with one of the copies placed offsite to enable quick recovery.
You should also have one immutable object storage copy of your data and one air-gapped copy. Immutable object storage continuously protects data by taking a snapshot at 90-second intervals. So even if a ransomware attack occurs, you can recover your data immediately.
If there is an attack—or downtime or natural disaster—your data snapshots let you return to a near-current file state. Snapshots can’t be changed, deleted, or overwritten, so they secure your data against ransomware attacks, human error, and hardware failure. Healthcare organizations that deploy immutable snapshots can maintain the seamless continuation of operations even in a ransomware attack or other calamity.
There’s No Time to Waste
For years, healthcare organizations could rely on a cyber strategy of safety in numbers, figuring that the bad guys would attack someone else. That strategy is now outdated. Your healthcare organization must assume that you will, sooner or later, be the target of a ransomware attack.
The impact of a data breach can be catastrophic since all aspects of healthcare are now digital, from diagnosis to long-term care to every event in between. Healthcare generates vast volumes of data at all levels of care and engagement—data that could not be more critical because human lives depend on it.
Given the quantity and value of healthcare data, implementing a multi-layered protection and recovery strategy is urgent. It’s not whether such a strategy should be implemented or even when. It is a matter of, “How fast can we do it?”
You need to quickly implement air gapping and other data protection initiatives to protect yourself. It is indeed a matter of life and death.
You May Also Like
Arcserve Global Study Finds Healthcare Industry’s Ransomware Protection Efforts Need a Prevention InterventionOctober 3rd, 2023
- HealthcareSeptember 5th, 2023
HHS Issues Ransomware Alert for Healthcare: How Immutable Storage Immunizes Healthcare With Data ResilienceApril 11th, 2023