According to sources from throughout the world, 2021 saw a record number of healthcare data breaches. In fact, more cyberattacks currently target the healthcare sector than any other.
A full one-third of all cyberattacks target medical facilities. Why? Because the healthcare industry is a lucrative and exposed target.
This pattern is not new to South Africa; in May of this year, the pharmacy company Dischem made news for a hack that exposed more than 3.6 million records.
They are also aware that hospitals will probably pay the ransom quickly because exposed data and systems can result in fatalities.
Naturally, hospitals need constant and quick access to patient data in order to provide care. People might get worse and eventually pass away if they don’t have access to that care. In 2019 and 2020, over one-fourth of healthcare organisations reported an increase in patient fatalities as a result of the ransomware attack.
Unfortunately, there will be further assaults on healthcare in the coming years. In fact, some hacker groups only target healthcare institutions. The US Department of Health and Human Services issued a warning to the healthcare sector in April of this year on “an especially aggressive” ransomware gang named Hive that targets the industry and prefers double extortion.
It demands two payments: one to decrypt data; the other to keep the data from being made available to the public.
Air gapping can protect healthcare data
All versions of the data, including primary, secondary, and backup copies, are scanned by ransomware in order to operate. The data is then encrypted or exfiltrated by attackers. One of the most practical and efficient methods for protecting backup data from a ransomware assault is air gapping.
Air gapping comes in two flavours. The first method is the conventional, physical air gapping method, in which a company cuts off a digital asset from all other systems and networks. Because it physically separates a secure network from any other computer or network, air gapping is the best cybersecurity measure.
Organizations store backup data on media like tape or disc and then completely detach these media from their production IT environment using a physical air gap.
Logical air gapping is the name given to the second form of air gapping. A logical air gap isolates backup data from the production IT environment via network and user-access constraints. Data is pushed to its final destination, whether it be an on-premises storage device or a customised appliance, like it is on a one-way street.
The crucial point is that using the same system or path makes it impossible to govern and manage that data, including how it is stored or who can make changes to it. Anyone wishing to administer or modify the data must do so through wholly distinct routes of authentication.
The beauty of air gapping is that it makes it nearly impossible for ransomware to compromise your data backups. It’s almost as if your data is wearing a cloak of invisibility, making it impervious to any malware that manages to enter your network.
Another vital step is 3-2-1-1 data protection
Healthcare organisations can use 3-2-1-1 data protection as a second ransomware defence. It entails keeping three backup copies of your data on two distinct types of media, such as disc and tape, with one copy being stored offshore to facilitate speedy recovery.
Additionally, you should have one air-gapped copy and one immutable object storage copy of your data. Data is continuously protected via immutable object storage by taking a snapshot every 90 seconds. Therefore, you can rapidly restore your data even if a ransomware assault takes place.
Your data snapshots give you the ability to go back to a current file state in the event of an attack, outage, or natural disaster. Snapshots safeguard data against ransomware attacks, human mistake, and device malfunction because they cannot be modified, erased, or rewritten.
Healthcare organisations that deploy immutable snapshots can continue their operations seamlessly even in a ransomware attack or other calamity.
Hospitals must act quickly to protect sensitive data.
Companies may rely on a safety-in-numbers cyber approach for years, anticipating that the bad guys will target someone else. This strategy is no longer valid. Healthcare organisations need to prepare for the possibility that they will, at some point, fall victim to a ransomware attack.
Since all facets of healthcare are now digital, from diagnosis to long-term care to every event in between, a data breach can have catastrophic effects on the industry.
At all levels of care and involvement, the healthcare industry produces enormous amounts of data, and this data is more important than ever since it affects people’s lives.
It is critical to quickly create a multi-layered security and recovery strategy given the volume and worth of healthcare data.