Lessons from the Healthcare Cyber Attack

A recent cyberattack crippled the largest U.S. healthcare payment system, Change Healthcare, highlighting a critical issue: the importance of data backups. In the face of such attacks, having a secure and up-to-date backup system can be the difference between resuming operations quickly and suffering prolonged disruptions.

The Change Healthcare Attack

On February 21st, 2024, Change Healthcare, a company processing a significant portion of U.S. healthcare financial transactions, identified a cyberattack. The attack disrupted their systems, impacting patient billing, insurance claims processing, and other critical functions. Hospitals and healthcare providers across the country faced delays in receiving payments and struggled to obtain necessary authorizations for patient care.

The attack showcased the vulnerability of healthcare systems to cyber threats and the potential consequences for patient care and financial stability.

The Importance of Backups

Many healthcare providers were left scrambling due to a lack of robust data backups. Without backups, critical data like patient records, insurance information, and financial transactions could have been lost or corrupted. This could have led to:

  • Disruptions in Patient Care: Delayed access to patient records or authorization issues could have hindered treatment.
  • Financial Strain: Hospitals rely on timely payments. Delays due to data loss could have caused significant financial strain.
  • Reputational Damage: A data breach could erode patient trust and damage an institution’s reputation.

Lessons Learned from Similar Attacks

The Change Healthcare incident serves as a stark reminder for all healthcare organizations, and businesses in general, to prioritize data security. A robust data backup plan is essential for:

  • Disaster Recovery: Cyberattacks are just one threat. Backups ensure a copy exists for restoration in case of system failures, natural disasters, or human error.
  • Minimized Downtime: Backups enable a quicker return to normal operations, reducing downtime and its associated costs.
  • Improved Security: Backups stored securely offsite can act as a secondary defense against cyberattacks. Even if attackers infiltrate your system, your data remains safe.

The Change Healthcare incident is not an isolated case. Here are some real-world examples of cyberattacks on healthcare sectors to illustrate the threats they pose:

  • Ransomware Attack on Hollywood Presbyterian Medical Center (2016), this attack crippled the hospital’s computer systems, forcing them to delay surgeries and divert ambulances. The attackers demanded ransom to decrypt the data, causing significant disruption and potentially endangering patient lives.
  • WannaCry Ransomware Attack (2017), one of the most prominent cyberattacks in recent history, WannaCry ransomware targeted computers running Microsoft Windows operating systems worldwide, encrypting data and demanding ransom payments in Bitcoin. This attack severely impacted the National Health Service (NHS) in the UK, causing disruptions to patient care and forcing the cancellation of appointments and surgeries.
  • MedStar Health Cyberattack (2016), MedStar Health, one of the largest healthcare providers in the Washington, D.C., area, experienced a cyberattack that disrupted its IT systems. The attack affected its ability to provide patient care and forced the organization to revert to paper-based record-keeping temporarily.
  • Universal Health Services (UHS) (2020), a large healthcare provider network, was hit by the Ryuk ransomware attack. This attack disrupted operations and cost UHS an estimated $67 million.
  • Magellan Health (2021), a behavioral health company, experienced a sophisticated spear phishing campaign that deployed ransomware. The attack compromised patient data.

These are just a few examples, but they highlight the different ways attackers can target healthcare organizations. The vast amount of sensitive data stored in these systems makes them prime targets, and successful attacks can have devastating consequences. These examples emphasize the need for robust cybersecurity measures and data backup plans across the healthcare industry.

More Than a Backup

Robust data protection systems like Storware Backup and Recovery can not only restore damaged/encrypted data, but even protect it from threats like ransomware attacks. That’s why Storware not only focuses on the best possible performance, automation and DR testing, but also takes data security and resiliency seriously. What Storware Backup and Recovery offers:

  • Linux-based Installation – a Linux-based installation reduces the attack surface for the backup software itself.
  • IsoLayer (Air-Gap Backup) refers to data stored on a system that is completely isolated from the network.
  • Immutable Backup Destination – immutable backups cannot be modified or deleted after they are created. This ensures that there’s always a clean, uncorrupted copy of your data available for recovery, even if ransomware or another attack attempts to alter the backup.
  • Retention lock enforces a policy that prevents backups from being deleted before a certain period.
  • RBAC (Role-Based Access Control) restricts access to the backup system based on a user’s role. This minimizes the risk of unauthorized users accessing, modifying, or deleting backups.

The Importance of Data Backups

Data backups are not a luxury; they are a necessity. By prioritizing data security and implementing a proper backup plan, organizations can weather storms, both digital and physical, and ensure the continued smooth operation of their business.

text written by:

Paweł Piskorz, Presales Engineer at Storware