Hospitals in the rural United States are increasingly targeted by ransomware (opens in new tab) threat actors, experts said at a Senate hearing this Thursday.
According to Cyberscoop, the most pressing sentiments shared at the March 16 Senate Homeland Security and Government Affairs hearing were that healthcare organizations in these areas are attractive targets due to their lack of qualified cybersecurity personnel and other resources, such as personnel.
However, witnesses said that private industry groups and federal government agencies, such as the Cybersecurity and Infrastructure Security Agency (CISA), are providing the industry with a lot of information on how to tackle the growing problem of ransomware.
Looking for data
Kate Pierce, senior virtual information security officer at cybersecurity firm Fortified Health Security, called for more funding for healthcare organizations so they can better put theory into practice.
“We also saw cybercriminals shift their focus to small and rural hospitals, lagging this group in strengthening their defenses,” said Pierce. “Our rural hospitals are facing unprecedented budget constraints, with up to 30% or more in the red, and the public health emergency is expected to end in May.”
Healthcare providers naturally generate a lot of data about their customers, many of which are extremely sensitive (information about a person’s health and illness history, payment details, employment status, etc.). As such, they are a prime target for ransomware operators and data thieves.
This week, high-profile cyberattacks against two healthcare providers were revealed, with Independent Living Systems (ILS) leaking more than 4.2 million user records and hardware and software company Zoll Medical stealing the data of more than a million customers and employees.
Via: Cyberscope (opens in new tab)