Healthcare is perpetually in a race – to save lives, to do things faster and better, to save money, and to protect patient data. Technology is a powerful accelerant that can help healthcare professionals get a jump start on the day. However, it can also open the door to cybercriminals looking to make some easy money.
Because of the proliferation of internet-connected medical devices (the Internet of Medical Things) and because of the allure of holding sensitive patient information for ransom, the healthcare industry is particularly vulnerable to ransomware attacks.
Hospitals and electronic health record (EHR) vendors in particular are hot targets for ransomware attacks. Why? Patient records are the most expensive type of personal information traded on the dark web; since 2016, 172 ransomware incidents have cost the U.S. healthcare industry more than $157 million.1
As with healthcare itself, the best medicine is prevention. The most effective anti-ransomware strategy will detect and stop threats before they breach the perimeter. And with 90% of malware using DNS to gain command and control, exfiltrate data, or redirect web traffic, DNS-layer security is the most effective first line of defense against ransomware.2
Cisco Umbrella provides this first line of defense because it is built into the foundation of the internet and blocks requests to malicious destinations before a connection is even established. Umbrella also provides protection for all devices on your network, regardless of location. As a cloud-delivered service, Cisco Umbrella is easy to deploy. It also uses intelligence to detect attacks before they launch. Finally, Umbrella can extend existing security investments using open APIs to programmatically extend protection for devices and locations beyond your perimeter.
Cisco Umbrella provides visibility and context to:
- Gain visibility into all internet activity, including security activity, across all locations and devices
- Identify devices infected or users targeted by advanced attacks to reduce the time to remediation
- Identify potentially unauthorized access or threats to PHI data stored in cloud apps.
- Get up-to-the-minute threat information, as well as historical content about every domain on the internet
- See the relationships among malware, domains, IPs, and networks so you can quickly respond to critical incidents using Cisco Umbrella Investigate
After setting up the first line of defense, it’s a good idea to monitor for lateral movement of ransomware within your network, eliminate its propagation, and reduce the amount of time any attack has to operate within your network.
Learn more about the capabilities of Cisco Umbrella for your healthcare organization here.
1 https://www.comparitech.com/blog/information-security/ransomware-attacks-hospitals-data/
2 https://blog.talosintelligence.com/2017/03/dnsmessenger.html
