COVID-era Cyberattacks Target Healthcare

Doctor holding a stethoscope with healthcare icons and graphics overlay.

April 25, 2022 | Amanda Croskrey

Ransomware continue to rise, affecting industries most vulnerable to attacks.

Few industries have been affected by COVID-19 as much as the cybersecurity industry. We have seen an increase in the following areas of cyberattacks: data exfiltration, phishing emails, account takeover, malware downloads, application attack, and ransomware. However, the repercussions of the increase in ransomware and other cyberattacks during the pandemic has gone on to negatively impact government entities, especially the healthcare industry.

Ransomware Attacks Continues to Increase

Ransomware is when cybercriminals infect a network to then restrict access to a victim’s encrypted files while the cybercriminal demands to be paid for the victim to regain access to their files. Ransomware has increased around 148% since the pandemic started. Some of the largest ransomware attacks occurred in 2021, including the Colonial Pipeline, which paid $5 million, JBS Foods, which paid out $11 million, CAN Financial, which paid out $40 million, and Kaseya, which paid out $70 million in Bitcoin to resolve the issue.

Cybercrime is a very profitable industry and seems to be growing at an intense rate. There are many reasons to why cyberattacks are increasing.

The primary reason is business entities are switching to remote work assignments instead of staying on the internal network. Many people who work from home use a virtual private network (VPN) to connect to their company’s network, which causes a vulnerability to security.

Another factor is the switch from in-person shopping to online shopping. This goes for an industry that sells products or services online.

The breach of the Colonial Pipeline in 2021 was a huge threat as almost half of the East Coasts’ fuel was at risk. The ransomware attack occurred because of the vulnerability of a VPN. VPNs are the safest way to connect to your company’s network while working remote.

Although a VPN is the most secure, it should be updated and use multi-factor authentication. It is also important to note, using at home Wi-Fi versus public Wi-Fi is always a good idea.

2021 healthcare cybersecurity statistics with pie charts on cyberattack motivations and breach types, and a bar graph with breach numbers.

Cybercriminals Turn to Healthcare

In late October of 2020, many of the University of Vermont healthcare staff working from home contacted the IT team to report that they had trouble accessing their network. When the team took a look into it, they found instructions on how to contact the cybercriminals.

The IT team decided to shut down their network to prevent any further damage. Appointments, surgeries, and treatments had to be cancelled, rescheduled, or referred to somewhere else because no systems were up and running. Staff could not see when appointments were, send out emails, or access electronic health records.

To resolve the ransomware attack, the IT team had to work overtime to find a way to get the network up and running without having to pay ransom. University of Vermont Medical Center did not pay the ransomware attackers, but they did lose around $50 million in revenue.

What makes the healthcare industry so attractive to cybercriminals is that it is vital to have hospitals and emergency rooms up and running for life or death situations.

The importance of the healthcare industry allows the attackers to take advantage of them by asking for higher payments. A lot of sensitive information is stored in these systems. Our healthcare industry cannot perform the necessary duties without the health systems they work on. During the pandemic, the need for these systems is at an all-time high due to the amount of hospitalizations caused by COVID-19.

Prevention Tips

Cybercriminals will continue to try to shut down networks to demand payment. The most important way to keep a ransomware attack from happening, is to invest in your IT department or make sure you have a cyber-security team that can help you prevent or mitigate ransomware attacks.

Assuming you will have a cyber-attack at some point puts you in a position that could save your business. Below are a few steps that can help you plan for a cyber-attack.

Put a plan in place and have team members that know what they are doing if anything out of the ordinary comes up.
Your network should have strong firewalls and anti-virus software should be consistently updated.
A backup of important files on an offline computer can be a great way to restore necessary files quickly.
Have your IT team do case scenarios to see if they can resolve the issue. Be diligent and train your employees on cyber security.
Every employee, no matter what department they work in should have trainings on password and phishing education and audits to prevent opening the door to cyber-attacks.
Off system daily or hourly storage of backup files.
Have a strong emergency plan in place to mitigate and prevent a disaster.

2022 will be a year of continuation for cybercriminals to take over networks of important business entities. As cybercriminals learn new tactics to get around our defenses, we have to continue to evolve our cybersecurity strategies that we have in place. We have to outsmart cybercriminals, and the only way to do so is predicting that a breach can happen and having a set plan.

For more information on programs available to CSD Members at no-cost, visit csdpool.org/cyber.

Website Accessibility Statement

Colorado Special Districts Property and Liability Pool (the "District") is committed to ensuring that its services are accessible to all members of the public. As part of this commitment, the District strives to provide an accessible website compatible with the Web Content Accessibility Guidelines (WCAG) version 2.1, AA, and commercial screen reading software. Features of the website are created to allow individuals with vision and other impairments to understand and use the website to the same degree as someone without disabilities.

If you need any special assistance or accommodations:

Contact our compliance support team via telephone at: (888) 765-1970

Ongoing Compliance Information

Compliance Coordinator

The District has designated a Compliance Coordinator for website disability-related accommodations. The Compliance Coordinator has received training in website accessibility and updates the site in accordance with those best practices and requirements.

Compliance Procedures

The District is working to ensure all website content complies with the Americans with Disabilities Act and controlling State laws. In an ongoing effort to continually improve and remediate accessibility issues, the website is regularly scanned to ensure ongoing compliance, and timely changes are made to any inaccessible content if found.

Accessible Documents Policy

The District is committed to providing all documents hosted on the website in an accessible format or making accessible alternatives available.

Linked Documents and Third Parties

Please note that this site may link out to third-party websites that do not have accessible content. This site may also include documents provided by third parties. While we cannot control the accessibility of content provided by third parties, we are happy to assist any member of the public with reading and accessing content on our site.

Report a Website Accessibility Issue

We are committed to your ability to access all content, and we will respond to all requests in a timely manner. If you need assistance or accommodations while accessing content on this website, please contact our Compliance Coordinator via the form below: