However, this problem is a familiar one. Back in 2020, the first death by ransomware was ruled in Düsseldorf. An attack paralysed the hospital’s systems to the extent that it was forced to pause all admissions to its A&E department. This resulted in hospital staff frantically diverting inpatients to a city 19 miles away, proving fatal for one woman. Then, in August 2022, the UK’s NHS 111 service was taken offline by a severe cyberattack, also through its supply chain, via its service provider, Advanced, which meant that 40 million people were denied access.

This illustrates the gravity of ransomware attacks on the healthcare sector. In this blog, we will delve deeper into recent trends so your company can maintain agility in the face of ever-evolving and ruthless attacks.

Complex supply chain

Britain’s NHS delivers care to 68 million people and is one of the world’s largest employers, providing work to 1.7 million people. Still, it is behind only the US and Chinese military, Walmart, and McDonald’s. Despite its vast size, it was successfully breached earlier this month and continues to suffer significant disruptions, such as six entire NHS trusts. Many GP practices are spread across southeast London, serving 2 million Brits. This is due to a breach in Synnovis, a private firm that the NHS uses to examine blood tests.

A senior NHS source warned that it would take “many months” to resolve and that it is not yet clear “how the hackers gained access to the system, how many records have been affected and whether these records are retrievable.” As a result, even an entity with the enormous infrastructure of the NHS has been forced to dust off a paper records system, where patients’ information is printed and blood samples hand-delivered by porters.

Already in 2022, the NHS suffered a severe ransomware attack caused by a violation of its Adastra software, which was operated by a third party. Was this a test of the NHS supply chain? This ransomware attack not only caused financial disruption but also distress to patients in the care homes whose data was sold.

Attacks continue. Earlier this year, in March 2024, NHS Dumfries & Galloway was hit by an attack that caused widespread distress and the release of confidential patient data. The implications and investigations of this attack are ongoing, and public concern continues.

Why is the UK healthcare sector so vulnerable?

Martin Lee, Cisco’s UK-based security research lead, warns: “When healthcare systems and data are unavailable, lives are potentially at risk. This makes the sector a tempting target for criminals. Outages put pressure on management to pay off the attackers to restore availability quickly. However, paying the ransom means that these attacks remain profitable and ultimately only serve to encourage further attacks.”

According to a report by Cisco’s Talos threat intelligence division, healthcare providers were the most targeted by ransomware gangs last year. The report attributed this to these organisations having “underfunded budgets for cybersecurity and low downtime tolerance.”

The figures back this up, as this marks the third time that Synlab and Synnovis have been attacked, affecting pathology services across Europe. For example, in June 2023, the ransomware gang Clop breached the French branch and stole data, while earlier this year, Synlab’s Italian subsidiary was hit by a separate ransomware group, Black Basta. The group gained access to around 1.5TB of data and published it in its entirety when no final ransom was paid.

A similar attack was the one on the Finnish mental health giant Vastaamo in 2020, where a copy of all data on the system was sent to the attacker. This included names, addresses, and notes from the therapist on each private session. The work therapists do in dealing with people’s deepest fears and secrets is naturally a very sensitive one, and this attack was devastating for the mental health of its victims. Vastaamo has now ceased trading.

Concerns over the potential escalation of these attacks had been raised in Parliament in 2023, as the increasing use of digital healthcare in the UK means that more critical equipment and systems are connected to the internet, making them a potential target for cybercriminals. However, in a post-COVID world, the use of telemedicine is increasing. In 2023, the NHS began circulating information on ‘Connected Medical Devices’ cyber vulnerabilities to its staff. In February 2024, the World Economic Forum went so far as to name the Healthcare sector as the biggest target for cybercrime due to the critical data it holds and the online devices controlling people’s lives.

How has unpreparedness for attacks recently affected the healthcare sector?

The desperate need to get back online is one of the reasons why 38% of healthcare organisations are reported to have paid a ransomware fee. A 2022 survey of 100 cybersecurity managers in the UK health sector found that 81% of healthcare organisations in the UK had been hit by ransomware in the previous year. Whilst 38% paid the ransom to regain their files, 44% refused to pay and lost their healthcare data. Close to two-thirds (64%) of respondents admitted their organisation had to cancel in-person appointments because of a cyber-attack.

Even unexpected sources can be vulnerable in the healthcare sector. The London Borough of Camden recently warned of a risk to personal data after one of their suppliers of beds, hoists, and grab rails was attacked. Computers attached to MRI machines, CT scanners, blood pressure and heart-rate monitors are vulnerable and provide back doors into connected systems.

How can you protect your business?

These numerous and ruthless attacks serve as another reminder to have the measures in place to prevent you from being caught off guard. The NHS experience illustrates how even large, well-resourced providers can be vulnerable to prolonged disruptions if proper security measures are not in place. The UK government has committed to a series of measures to support healthcare providers by 2030. Still, in the meantime, businesses in the supply chain must take appropriate measures to keep defences high.

At Thrive, we specialise in providing industry-leading cybersecurity solutions tailored to you and your staff’s needs. Our team of experts can work closely with your organisation to identify vulnerabilities, implement robust safeguards, develop incident response plans, and ensure you have the defences to maintain operational resilience in the face of ransomware and other malicious attacks.

Don’t leave your systems, data, and, most importantly, your patients at risk. Contact Thrive today to learn how we can fortify your company and give you the peace of mind to continue delivering essential services without disruption. Protect your operations, reputation, and ability to contribute to life-saving care with Thrive as your trusted cybersecurity partner.

The post Guarding Britain’s Health: Strengthening Cybersecurity in the UK Healthcare Sector appeared first on Thrive.

In the past year, 120 healthcare breaches were reported that have compromised data from about 11.5 million patient records across the country, according to the U.S. Department of Health and Human Services Office for Civil Rights

The digitization of healthcare records and the integration of connected medical devices have undeniably improved patient care and operational efficiency. However, this digital transformation has simultaneously given rise to a complex threat landscape that demands stronger healthcare cybersecurity. Cybercriminals target healthcare organizations to gain unauthorized access to valuable patient information, leading to potential identity theft, financial fraud, and even patient care issues.

Understanding the Challenges the Healthcare Industry Faces

• Legacy Systems: Many healthcare organizations still rely on outdated legacy systems that may lack robust security features. These systems pose a significant challenge as they are more vulnerable to cyber threats and may not receive regular security updates.
• Human Factors: Healthcare staff may inadvertently contribute to security vulnerabilities through actions such as clicking on phishing emails or using weak passwords. Adequate training and awareness programs are essential to mitigate these risks.
• Interconnected Devices: The proliferation of Internet of Things (IoT) devices in healthcare, from wearable gadgets to medical equipment, creates additional entry points for cyber threats. Securing these interconnected medical devices is crucial to maintaining a resilient cybersecurity posture.
• Regulatory Compliance: Healthcare organizations must adhere to strict regulations, such as the Health Insurance Portability and Accountability Act (HIPAA). Compliance with these regulations is not only a legal requirement but also a vital component of safeguarding patient data.

Strategies for Bridging Cybersecurity Gaps

• Risk Assessment and Management: Conduct regular risk assessments, like Thrive’s Cybersecurity Risk Assessment, to identify potential vulnerabilities and prioritize them based on their impact. Implement risk management strategies to address and mitigate identified risks effectively.
• Upgrading Systems and Software: Invest in modernizing and upgrading legacy systems to ensure they have the latest security features and patches. Regularly update software and firmware to address vulnerabilities and enhance overall security.
• Employee Training and Awareness: Educate healthcare staff on cybersecurity best practices, emphasizing the importance of recognizing and reporting potential threats. Training programs should cover topics such as phishing awareness, password hygiene, and secure communication practices.
• Implementing Multi-Factor Authentication (MFA): Enhance access controls by implementing MFA. This adds an additional layer of security beyond traditional username and password combinations, reducing the risk of unauthorized access.
• Collaboration and Information Sharing: Foster collaboration within the healthcare industry to share threat intelligence and best practices. Establishing a collective defense approach can enhance the overall cybersecurity resilience of the sector. The Department of Health and Human Services Health Sector Cybersecurity Coordination Center (HC3) is a great example of government-led collaboration.  
• Incident Response Planning: Develop and regularly test incident response plans to ensure a swift and effective response to cyber incidents. This includes communication protocols, data recovery strategies, and collaboration with law enforcement if necessary.

Addressing cybersecurity gaps in healthcare requires a proactive approach from healthcare providers and organizations. Cracking the code on healthcare cybersecurity is an ongoing effort that demands continuous adaptation to the evolving threat landscape. Contact Thrive today to learn more about how your healthcare organization can be better prepared against data breaches and other cybersecurity threats.

The post Cracking the Code: Addressing Healthcare Cybersecurity Gaps appeared first on Thrive.

95% of all identity theft stems from stolen hospital records. Download our eBook to learn more.

The post The Partner That Knows: Healthcare Industry eBook appeared first on Thrive.

More Healthcare organizations are using the Cloud to process enormous amounts of healthcare data with real-time access to medical information.

However, despite the growing popularity of Hybrid Cloud deployment, many hospitals still use outdated software systems that have been patched repeatedly.

That’s why healthcare providers are turning to Thrive to tap into the full potential of the Cloud while maintaining compliance and security and reducing costs..

Take your healthcare organization to new heights with Thrive.

1. Reduced CapEx Spend  When partnering with Thrive, your healthcare organization won’t need to pay upfront costs for expensive infrastructure and hardware. Thrive also helps you eliminate hidden operating costs and reduces downtime to keep your business running.
2. Efficiency Hybrid Cloud delivers flexibility and can be engineered to meet all HIPAA and HITECH compliance requirements. It reduces overlap in processes and provides a necessary update to legacy infrastructure.
3. Enhanced Regulatory Compliance Healthcare organizations need to meet reporting and risk assessment requirements, and Thrive’s experts can help your organization be agile without sacrificing safety or compromising compliance. Thrive performs a risk assessment and provides strategic IT consulting services to ensure a fully customizable Cloud migration plan is designed and executed.
4. Advanced Cybersecurity As healthcare business systems grow in complexity, there is an increased risk of vulnerabilities, exploits and security breaches. Thrive’s comprehensive Cybersecurity solutions protect your business, uncover, and mitigate risks and meet stringent regulatory requirements. Our security-first Cloud approach is flexible and economical, provides specific, actionable information and is backed by a 24x7x365 Security Operations Center.
5. Disaster Recovery
   Hospitals, health systems, and doctor’s offices cannot afford critical infrastructure failure, security breaches or human error. Data backup and security are essential, as well as a disaster recovery plan (DRP). When networks go down, or cyber-attacks occur, Thrive provides Cloud-based recovery so your healthcare organization can resume IT operations rapidly with minimal or no data loss.

Thrive gives healthcare organizations peace of mind with a comprehensive, proactive security strategy with technology solutions. Read more in our recent industry brief here.

Click here to contact us today to solve and manage your healthcare organization’s Cybersecurity and Cloud needs.

The post 5 Ways Healthcare Organizations Shine in the Cloud with Thrive appeared first on Thrive.

The comprehensive strategy for a cyber-resilient health and social care sector will ensure health services are better protected from cyber threats, further securing sensitive information and ensuring patients can continue accessing care safely. The plan includes strategies for identifying areas in the most vulnerable sector to utilise resources across the country to defend against cyber attacks.

Creating a cyber strategy of this magnitude would have been challenging for a large public sector giant like the NHS. As a result of this action plan, smaller private businesses are better equipped to follow this roadmap and adopt the same security mindset.

By embedding the same Cybersecurity framework and ideology of emerging technology as the NHS, other organisations can minimise the impact and recovery time of a cyber incident.

However, it’s not an easy road to go alone. That’s why it’s imperative to have a trusted Cybersecurity partner like Thrive to navigate the journey.

Here’s a breakdown of the five critical pillars of the UK government’s Cybersecurity strategy for the NHS that Thrive can also implement to fill in the gaps for your business.

1. Focus on the greatest risk and harm. Health and care organisations must be able to identify and secure their most vital assets and systems. This includes conducting regular risk assessments and implementing appropriate security controls. The first pillar focuses on identifying the areas of the sector where disruption would cause the most significant harm to patients, such as sensitive information being leaked or critical services being unable to function. Thrive conducts a Cybersecurity Risk Assessment led by Thrive’s (ISC)2 certified Strategic Consultants. The Thrive team reviews your organisation’s technology infrastructure and processes to identify potential vulnerabilities. Thrive then builds a strategic roadmap to future-proof your operations without compromising compliance.
2. Defend as one. The second pillar is uniting the sector to take advantage of its scale and benefit from national resources and expertise, enabling faster responses and minimising disruption. Health and care organisations must collaborate to share threat intelligence and best practices and develop coordinated incident response plans. The Thrive team is composed of technical and industry experts dedicated to ensuring that customers can optimise their business performance through the strategic design and implementation of a NextGen IT environment. Thrive’s unrivalled Cybersecurity services give you the experience, resources, and expertise to protect your essential data, SaaS apps, end users, and critical infrastructure.
3. People and culture. The third pillar engages leaders, grows and recognises the cyber workforce, and provides relevant cyber basics training to the general workforce. Health and care companies must foster a security culture with senior leaders actively engaged in cyber risk management. Additionally, organisations must invest in training and development for their staff, providing them with the knowledge and skills needed to identify and respond to cyber threats. Thrive’s Anti-Phishing and Security Awareness Training service provides ongoing security testing and training for your users to raise awareness of phishing, spear phishing, malware, ransomware, and social engineering attacks through targeted user campaigns and responsive training. Improving user awareness of these threats reduces the risk of human error resulting in security breaches and ransomware.
4. Build security for the future. The fourth pillar is embedding security into the framework of emerging technology to better protect it against cyber threats. Health and care organisations must be vigilant and adaptable to avoid cyber threats, with security measures continuously being monitored, tested and updated. To meet the highest security and compliance standards, health and care organisations must stay current on regulatory requirements and industry best practices. Thrive’s Managed Cybersecurity solutions leverage automation for speed and reactivity, experienced people for intelligent problem-solving, and durable solutions 24x7x365 from its Security Operations Centers (SOC). The Thrive security team builds and offers security solutions for the entire IT environment, from endpoints to the Cloud. Thrive’s customised Cybersecurity solutions protect customers’ systems and data end-to-end, relieving IT personnel.
5. Exemplary response and recovery. The fifth and final pillar is supporting every health and care organisation to minimise the impact and recovery time of a cyber incident. Hospitals, health systems, and doctor’s offices cannot afford critical infrastructure failure, security breaches or human error. Data backup and security and a disaster recovery plan (DRP) are essential. When networks go down or cyber attacks occur, Thrive offers NextGen IT business continuity solutions to resume your IT operations rapidly with minimal or no loss. Thrive’s Disaster Recovery-as-a-Service (DRaaS) protects your critical business technology infrastructure, meeting the most stringent Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs).

The Road to Cyber Resiliency with Thrive

By using the UK government’s five pillars, health and care organisations can significantly reduce cyber attack vulnerability and improve response and recovery. Working together and investing in the right people, processes, and technologies can create a cyber-resilient system that protects patient data and critical services.

As business systems grow in complexity, there is an increased risk of vulnerabilities, exploits and security breaches. Thrive’s comprehensive and customised holistic Cybersecurity solutions protect your business, uncover and mitigate risks and meet stringent regulatory requirements.

Thrive’s security-first Cloud approach is flexible and economical, provides specific, actionable information and is backed by a 24x7x365 Security Operations Center that monitors your operations with industry-leading security technology.

Contact the Thrive team today to learn more.

The post 5 Key Pillars to Protect Health and Care Organisations from Cyber Attacks appeared first on Thrive.

Many healthcare providers, patients, and companies have yet to tap into the full potential of the Cloud because of data, talent and budget obstacles. However, a strategic IT partner like Thrive can help you overcome those challenges and soar in the Cloud.

DOWNLOAD our industry brief today!

The post NextGen IT for Healthcare appeared first on Thrive.

Healthcare in the U.S. is a massive expenditure, accounting for more than 18 percent of the United State’s gross domestic product (~$3.5 trillion). With a growing and aging population and an increasingly complex network of companies and healthcare institutions working together and sharing information, hackers do not have to look very hard for rewards. With the COVID-19 pandemic, further vulnerability ensued as the industry was forced to operate beyond the walls of a doctor’s office and hospital: primary communications shifted to email and text in some cases, and doctor’s visits turned into virtual appointments. This sudden shift to remote, digital operations opened a new and vulnerable flank in an industry trying to accommodate the urgent needs of patients. 

Outdated systems, a shortage of IT staffing and protocols, and life-or-death scenarios often create conditions that leave patients and staff exposed to data-targeting attacks. The follow-on consequences, such as a pressing need to pay ransoms quickly to regain patient data, only encourage bad actors to target the industry more. 

Due to the existing patchwork security vulnerabilities within the industry, healthcare providers and facilities are likely to, if not already, incur cyber debt. Cyber debt is the amount of unaddressed security vulnerabilities that accumulate in an organization’s IT infrastructure, usually as a result of the implementation of new systems and technologies over time. It emerges through the improper management of sensitive data and assets. Specifically, outdated systems that have far too few staff and protocols to maintain basic hygiene like updates and patches.

A CyberArk 2022 Identity Security Threat Landscape Report found that less than half of cybersecurity decision-makers have identity security controls in place for their business-critical applications, while 79 percent agree that their organization prioritized maintaining business operations over ensuring robust cybersecurity in the last 12 months. These are negligent – yet all too common – practices that have the potential to rack up cybersecurity debt in any industry, not just healthcare. 

When considering the kinds of information that is at stake, such as medications, diagnoses, medical histories, etc., these outdated practices cannot continue. In the court of public opinion as well as the law, liability judgements are becoming increasingly costly and holding executives personally liable.  

Eliminating risk altogether is impossible, however investing wisely in threat mitigation is possible and a vital step in deterring an attack. For most providers, partners and businesses serving the healthcare industry, the most efficient way to tackle cyber debt is by partnering with a managed service provider (MSP) like Thrive that is familiar with the challenges faced by healthcare organizations. Thrive’s comprehensive IT outsourcing services can eliminate gaps in security and enable internal technology teams to focus on quality of care for patients instead of scrambling to recover their personal data.

With glaring holes in security operations across the healthcare industry, Thrive has the expert resources to augment your over-extended cybersecurity team and modernize your security posture to better prevent and mitigate cyber attacks, create a disaster recovery plan, and help ensure compliance with HIPAA, HITECH, and other compliance regulations. 

Learn more about Thrive’s leading healthcare MSP practice and how our security-first NextGen Managed Services can help your organization in our latest cybersecurity white paper.

The post Alleviating Cyber Debt in the Healthcare Industry appeared first on Thrive.

Remote work presents a long list of challenges for doctors, healthcare professionals, and staff, which is why Thrive works to provide an actionable cyber security plan that considers two important components – CybeRTO and CybeRPO. Ensuring all staff can work remotely while mitigating security breach risks is imperative to protecting the long-term success of any healthcare organization.

Are you doing enough to defend your organization from HIPAA violations while providing a remote work setup? CyberRTO and CybeRPO should be important considerations in any cyber security continuity plan, especially in healthcare.

HIPAA Compliance: An Evolving Process

Within the healthcare industry, inherent risks exist that other industries and organizations may not face – so often, end users are the ones who must have a close eye on compliance regulations and policies. It’s important to limit access to only those who need it. PHI should only be seen by members who need it to complete their work, and HIPAA-compliant applications and tools should be used to protect patient privacy.

Encryption is an important part of any work-from-home policy for healthcare organizations. Wireless routers, email, and devices should be configured in a manner to protect valuable patient information. For instance, Microsoft 365 comes with the option of data loss prevention (DLP), which is capable of screening emails for PHI, encrypting any email that may contain personal information.

Disabling of removable media storage should be done as well. If PHI is on a device, USB drives and portable media drives shouldn’t be able to transfer data off the computer’s hard drive.

The Thrive team can help implement a HIPAA-compliant process as technologies and data needs continue to evolve within the organization.

Cyber Attack Preparation: Putting a Plan in Place

CybeRTO and CybeRPO represent security response times and the recovery of data in the event of a breach or cyber attack. Together, they define just how much time and data loss a healthcare organization can afford.

CybeRTO refers to how long it takes to respond to a threat, and could be something as simple as patching a vulnerability before an incident occurs or something as complicated as reacting to a cyber event. It also takes into account how long it will take to recover from an attack that has affected the work environment.

On the other hand, CybeRPO refers to the data that could be lost in a cyber attack, and how much data would be exposed. In the case of the healthcare industry, that could mean the loss of PHI and having to respond to HIPAA compliance issues.

Thrive designs solutions capable of backing up data when you want it backed up – whether that’s in real time as files or servers, or hourly, daily, or weekly. We recommend real-time Cloud backup, giving end users the ability to easily access files they need if a disruption occurs.

As you create your continuity plan, keep in mind the CybeRTO and CybeRPO requirements, especially in this work-from-home era. Contact the Thrive team for more information about protecting your end users (and patients) while working virtually.

The post Protecting Patient Information While Working Virtually appeared first on Thrive.

Hospital executives received an email on Oct. 29 looking for hospital coronavirus statistics, and claiming to be from the U.S. Department of Health and Human Services. However, the email was fraudulent and if one employee clicked on a targeted link, the entire hospital IT system could have been paralyzed.

The healthcare system has become one of the biggest victims when it comes to Cyber Security. According to HealthcareIT, the lack of Cyber Security awareness among healthcare organizations has translated into healthcare systems being exposed to hackers and phishing.

Cyber attacks are more frequent with the pandemic and the president election as cyber criminals try to exploit busy hospitals and administrators working from home. In fact, the FBI and government officials have warned of an imminent cybercrime threat to U.S. hospitals, putting patient care operations in jeopardy.

Without continual upgrades or the proper monitoring, Norton predicts that cybercrimes will cost the world $6 trillion a year by 2021, with healthcare among the most impacted.

While the solution to hire an internal CISO, seems obvious there is an overall shortage of security professionals across all sectors. This means an administrator, not a trained specialist, must maintain ongoing security training or the company simply won’t be able to keep up with the latest trends or threats.

Also, COVID-19 opened hospital doors and doctors’ offices to thousands of new patients in 2020 which increased the volume of data being processed daily. Telehealth provided the opportunity for healthcare professionals to still treat patients but from the safety of their homes, which also created new access points through the use of apps on phones, tablets, and desktops leaving sensitive information traveling back and forth between patients and medical professionals, often unsecured.

Training is not the only issue when preventing cyberattacks. Organizations need to be just as concerned about the age of their systems as they are about staying updated with their training.

Healthcare centers are often using older systems that are embedded within other devices and can’t be easily upgraded. Without the ability to properly upgrade equipment, healthcare centers are more vulnerable than ever.

Thrive’s team of experts provide customized solutions based on the specific needs of each healthcare organization, from a secure Cloud that meets the privacy needs of HIPAA and other regulations, or Cyber Security solutions that deliver comprehensive protection around patient data.

Thrive’s NextGen services provide each customer with a unique strategy to optimize and protect their business data and applications, including access to the latest Cloud and on-premise technologies, advanced Cyber Security best practices, advanced networking solutions, compliance, and governance assistance.

Interested in learning more? CONTACT US TODAY!

The post Hospitals Targeted in Recent Phishing Email Scam appeared first on Thrive.