Why is healthcare a top target for ransomware?
The Ransomware-as-a-Service (RaaS) model thrives on stealing high-value assets that force organizations to pay up in exchange for the encryption keys to unlock their data or recover lost files. In the Colonial Pipeline ransomware attack conducted by the cybercriminal organization DarkSide, that asset was 100 gigabytes of data exfiltrated from a shared internal drive. Shared drives are the most common means for organizations to store and utilize data, with the majority of architectures leveraging network attached storage (NAS) systems and generic file servers on-prem or in the cloud as these shared data repositories. While the impact to Colonial can be measured in dollars and cents - they paid $4.4 million in ransom in addition to economic impact of the extended outage - the disruption to the lives of everyday citizens is much more concerning.

Now, look at it from a healthcare perspective. The bulk of high-value assets targeted by ransomware attackers is unstructured data, meaning it extends beyond the basic information such as patient names, addresses, and credit card numbers in a database. Instead, unstructured data resides in Electronic Health Records (EHRs) and involves essential components of patient care: physician appointment notes containing contextual information (e.g., living conditions, how the patient perceives their symptoms, family medical histories, etc.), email correspondence, text files, photos and videos, call transcripts and recordings, imagery (X-rays, MRIs, etc.) and communication apps. Unstructured data can consist of as much as 80% of data within a healthcare organization.
Without access to this critical information, medical professionals cannot provide effective care for their patients -- some of whom are dealing with life-threatening conditions that require 24/7 monitoring. A ransomware attack on a major hospital significant enough to cause prolonged operational downtime could lead to severe consequences, especially as the Delta and Omicron variants continue to strain hospitals with sharp rises in COVID-19 hospitalizations across the world. We’re talking about real lives at stake.

Health IT Homepage