Protecting Healthcare Computing Resources in the Pandemic

by May 28, 2020

The COVID-19 pandemic has forced members of society to make many changes in their daily lives. Social distancing, working remotely and wearing masks to reduce transmission of the virus are just a few of the ways we are all being asked to address this global pandemic. During these trying times, the importance of the healthcare industry cannot be overstated. The citizens of the world depend on their healthcare providers for information regarding the virus and treatment of infected individuals.

Many diverse sectors of society have come together in an attempt to minimize the impact of the coronavirus. In many cases, people have responded in admirable ways to help their fellow human beings. Unfortunately, there are always entities that attempt to take advantage of the misfortune of others to further their ends. This is especially malicious in the face of the COVID-19 virus.

Price-gouging has been reported regarding the procurement of essential supplies for both individuals and organizations like hospitals. These activities have spurred the U.S. Department of Justice to take action against the perpetrators.

Cybercriminals Take Aim at the Healthcare Industry

Sadly, cybercriminals are also taking advantage of the confusion caused by COVID-19 to launch attacks on individuals and organizations. The healthcare industry is a prime target for their malicious code and the risk of infection with malware hangs in the air like the coronavirus itself. Specifically, ransomware can cripple a healthcare provider by encrypting data resources and rendering them useless until the criminals are paid off.

Due to the critical nature of healthcare data assets during the pandemic, hackers had initially made unsubstantiated claims that they would leave hospitals and medical organizations alone. These assurances soon proved to be untrue as the ransomware variant Maze began making an unwelcome appearance in IT environments.

Maze takes ransomware attacks to a new level by downloading sensitive information that cybercriminals use as leverage to get their financial demands met by affected organizations. Criminals threaten to post patient information on the web in addition to encrypting critical healthcare systems. This creates a powerful incentive for infected hospitals or health institutions to pay the ransom.

Many ransomware attacks are carried out by automated bots that search for generic system weaknesses that can be exploited to facilitate infection. These weaknesses are often human-related, with phishing emails being a preferred method of delivering ransomware. With proper training and user vigilance, the success of these types of attacks can be mitigated.

A new and troubling trend is the emergence of human-operated ransomware attacks that make use of extensive system administration and network security knowledge to infiltrate systems. They then discover security weaknesses and attempt to attain elevated privileges to allow them to spread their malware. The ransomware can lay dormant for weeks or months before being deployed to attack infected systems.

Small hospitals and health centers have become prime targets for ransomware attacks. This practice began before the COVID-19 pandemic but has become a larger problem with the increased focus on healthcare IT environments. Small institutions are targeted because they are more likely to pay the criminals to avoid any lapse in patient care. They are also often challenged to provide the level of IT security required to keep intruders away from their systems.

Even in the best of times, hospitals cannot afford for mission-critical systems to be unavailable. The loss of patient-centric systems can have severe repercussions on care that cannot be tolerated. In the midst of the pandemic, these issues take on even greater importance. Lives can be in the balance as the result of compromised systems and databases.

Backups are the Best Protection Against Ransomware

The critical nature of healthcare data assets makes it imperative that the responsible IT teams take all possible precautions to protect them. This protection demands a two-pronged approach consisting of measures to limit the possibility of infection and procedures to recover if an attack proves to be successful. Teams also need the ability to use backups to restore critical systems quickly while avoiding conceding to the ransom demands.

IDERA’s SQL Safe Backup protects your SQL Server environment from ransomware attacks by providing the backups required to recover the affected systems. The comprehensive backup application uses advanced backup compression, disk-writing, and multi-threading techniques to increase backup speed. This can be an important factor when backups need to fit into an aggressive time window.

Backups are secured with 128-bit and 256-bit AES encryption for additional data protection. You can also mirror backups to multiple locations during a backup operation. Advanced restore capabilities give your team flexibility when recovering from an emergency. Databases can be immediately restored to minimize downtime and you can choose to recover to any point-in-time.

The SQL Server platform is popular for databases in many industries including healthcare. It provides well-needed protection for the valuable data stored in your SQL Servers and should be added to the set of tools your database team has at its disposal. These days, you need to protect your data and yourself from the effects of COVID-19 and those who use it for unscrupulous purposes.