Let’s envision a worst-case cybersecurity scenario at your healthcare facility: A hacker either locks you out of your computer or obtains access to your private files, and demands a ransom of almost $20,000.
Should you pay the money?
According to one recent study from HIMSS Analytics, about half of the healthcare executives surveyed indicated that they wouldn’t make a ransomware payment while 44 percent claimed that they were not sure if they would do so. Only 5 percent claimed that they would pay.
As CSO explained, however, experts believe that many professionals are in fact choosing to pay to regain access to their important documents.
This is a major problem, especially when considering that over half of all hospitals surveyed by HIMSS in the aforementioned report claim to have been hit by ransomware.
Why are healthcare organizations being targeted so heavily by cybercriminals? According to Lillian Ablon, a cybersecurity expert at the California think tank Rand Corp., it’s due to the fact that healthcare companies—like schools and small businesses—often lack sophisticated backup systems and strong resilience technologies that most large companies have.
What they do have, however, is patient data—and lots of it. This data is valuable, and therefore highly coveted by hackers. As a result, healthcare organizations are often sitting ducks for sophisticated criminals.
Keep in mind that choosing to make a ransomware payment could only exacerbate the situation. For instance, there is no guarantee that a hacker will return the data after receiving a payment. Plus, making a ransomware payment may just give the hackers more confidence to keep carrying on targeted attacks on either your company, or on other organization.
Of course, in a situation such as a ransomware attack, it will require rounding up your team and figuring out an appropriate course of action. In such a case, though, it would greatly help to have direct access to a computer consultant who can help you navigate the situation and devise a plan for dealing with the problem in a responsible manner.
Apex Technology Services is one computer consultant that can provide this type of offering. While Apex cannot fully prevent ransomware attacks, the company can provide sound guidance and the tools to effectively remove ransomware from your network. Plus, Apex can help you take preventative measures to mitigate damage in the event of an attack by backing up your information, providing cybersecurity training for employees and keeping your network up to date with the latest security safeguards.
To learn more about how Apex Technology Services of greater New York City and Fairfield County can help your healthcare organization deal with ransomware, click here.