Search
Close this search box.

The painful cost of Cybercrime to the US Healthcare Sector

In February 2024, UnitedHealth Group’s subsidiary, Change Healthcare, suffered a significant cybersecurity breach, which has had far-reaching consequences across the U.S. healthcare system. The attack, attributed to the ALPHV/BlackCat ransomware group, compromised both personally identifiable information (PII) and protected health information (PHI) for many individuals. Early estimates suggest that the breach affected a substantial portion of the U.S. population, with roughly 4 terabytes of data stolen.

This breach disrupted UnitedHealth Group key operations, including the processing of medical claims and payments, which in turn affected hospitals, pharmacies, and other healthcare providers nationwide. As a result, some individuals were unable to use their insurance to access prescriptions, and healthcare providers faced financial strain due to frozen payments. UnitedHealth Group confirmed that the attack caused major outages, which they expected to fully resolve by the end of March 2024.

In response to the attack, Change Healthcare resorted to manual processes to maintain business operations while working to restore its digital systems. The company paid an initial ransom of $22 million, but the costs related to recovery, system reconstitution, and business disruption could exceed $2.9 billion.

Why Healthcare sector System Recovery needs an urgent upgrade

This breach has raised broader concerns about the vulnerabilities within the healthcare sector, prompting discussions about the need for stricter cybersecurity regulations. Lawmakers are considering new policies to strengthen defenses and ensure that healthcare providers are better equipped to handle such attacks in the future.

Although the HIPAA (Health Insurance Portability and Accountability Act) regulations outline specific requirements for System Recovery which we covered in a previous article, the act itself dates to 1996 with HIPAA’s Privacy Rule and Security Rule, which focus on the protection of personal health information (PHI) and electronic PHI (ePHI), being implemented several years after the act was introduced. The Privacy Rule became effective in 2003, and the Security Rule in 2005. Of course, much has changed in the world of cybercrime and data protection over the two decades since these rules became effective, but many healthcare organizations are still maintaining legacy systems supported by legacy backup and cybersecurity tools.

Cristie Software can modernize System Recovery for the Healthcare sector

Traditional backup and restore applications were originally designed to protect against system outages caused by hardware failures and natural disasters, they did not offer specific protection against cybercrime, or tools to assist with cyber recovery following an attack. Modern data protection applications have been designed from the ground up to secure data and aid cyber recovery with features such as immutable storage and isolated recovery. Cristie Software integrates seamlessly with modern data protection applications and takes cyber recovery many steps further by adding features such as multi-cloud disaster recovery support, advanced anomaly detection and cleanroom recovery to facilitate cyber forensics and backup integrity verification. Our system recovery software integrates with backup solutions from leading providers such as Rubrik, Cohesity, Dell Technologies and IBM.

What should the US Healthcare sector focus on to improve Cyber Resilience?

To reduce cybercrime, the U.S. healthcare sector must focus on strengthening its cybersecurity infrastructure, adopting mandatory standards, and investing in advanced technology. Key strategies include implementing robust encryption, multi-factor authentication, and a zero-trust architecture, which limits access to sensitive data unless explicitly verified. Regular vulnerability assessments and third-party risk management are also critical to addressing gaps in security. Additionally, comprehensive cybersecurity training for healthcare employees is essential to prevent human errors that can lead to breaches.

Cyber Resilience through the adoption of AI and improved collaboration

Healthcare providers should invest in AI-driven security tools and automation to detect and respond to threats in real-time. Cristie Software has incorporated features driven by Machine Learning (ML) into their software suite to provide early warning of malicious file encryption plus intelligent automated system recovery remediation which can solve many common system recovery failure scenarios without manual intervention. 

Collaboration between government agencies, like the Cybersecurity and Infrastructure Security Agency (CISA), and private sector organizations can improve information sharing and coordinated responses to attacks. Public-private partnerships, coupled with federal regulations that enforce minimum cybersecurity standards, could significantly strengthen defenses against cybercrime. Such measures would not only protect patient data but also ensure continuity in critical healthcare services.

Conclusion

In conclusion, reducing cybercrime in the U.S. healthcare sector requires a comprehensive approach involving a modernization of data security infrastructures, regular audits, and mandatory cybersecurity standards. By investing in AI-driven tools and enhancing collaboration between public and private entities, the sector can better protect sensitive data and maintain operational resilience. Implementing these strategies will be critical to safeguarding patient information, preventing disruptions in care, and ensuring the long-term security of the healthcare system against evolving cyber threats.

Contact the Cristie Software team if you are looking to improve system recovery and replication for critical healthcare systems, or to learn more about system replication and our system recovery integration with leading backup solutions from vendors including IBM, Dell Technologies, Rubrik and Cohesity.

Contact Us

Thank you for contacting us. We have received your request.