An updated guide to help hospitals and healthcare facilities prevent ransomware attacks and subsequent data extortion tactics was rolled out May 24 by a Cybersecurity and Infrastructure Security Agency and FBI task force.
The guide, which was originally released in 2020, also provides information on how hospital systems can shore up their technology to prevent an attack as well as advice for how to manage an infiltration if it occurs.
The updated guide adds the FBI and National Security Agency as co-authors and includes more recommendations on prevention strategies, cloud backups and zero-trust architecture, and an expanded response checklist.
Ransomware, a type of malware that encrypts files on a technology device, prevents access of the information. Once a system is seized by ransomware, the hackers try to extort money from the system's owner before they will release access to the data.
While healthcare systems are incorporating technology solutions and increasing training among their employee bases about email schemes that hackers design to try to gain access to sensitive healthcare information, nefarious actors are also getting more savvy.
"Over time, malicious actors have adjusted their ransomware tactics to be more destructive and impactful and have also exfiltrated victim data and pressured victims to pay by threatening to release the stolen data."
The combination of tactics, according to the guide, is called "double extortion."
"In some cases, malicious actors may exfiltrate data and threaten to release it as their sole form of extortion without employing ransomware," according to the guide, which includes two parts — one that details prevention and mitigation best practices, and one that provides a response checklist for organizations that become victims of a ransomware attack.