A ransomware attack has taken place at CommonSpirit Health, which operates over 1,000 hospitals and care facilities across 21 U.S. states. The organisation continues to deal with the fallout from the incident. Security experts say such tie-ups and acquisitions make healthcare systems more vulnerable to security breaches.
The incident comes as the U.S. FBI warns firms that ransomware attackers tend to target companies going through significant financial events. With healthcare in particular, recent healthcare cyberattacks have hurt hospitals and research facilities, impacting the services they provide for the public and their various investors and stakeholders.
Looking at the implications of the attack for Digital Journal is cybersecurity evangelist and cyber espionage expert, Raj Dodhiawala, CEO of Remediant.
Dodhiawala begins by outlining the details behind the cybersecurity incident: “While CommonSpirit Health didn’t disclose the specific type of strategies and ransomware that attackers deployed, the entire incident which could impact millions of Americans comes as the organization was in the middle of a large debt issuance, and most notably, only a few years after the massive merger of Dignity Health and Catholic Health Initiatives.”
In terms of the implications from the incident, Dodhiawala says that: “Healthcare mergers make systems more vulnerable to breaches — today’s hackers know this. In fact, ransomware attackers typically target organizations that are going through big events like mergers and acquisitions, as there tends to be an imbalance in the cyber resiliency between the networks of the entities that are merging, and the tedious process of improving cybersecurity postures is not a priority.”
It also stands that healthcare is a major target for such attacks. Dodhiawala sets this out: “As we continue to see the breadth of damage that ransomware is able to accomplish in healthcare within these types of despicable cyberattacks — and it’s clear mergers and acquisitions activity in the healthcare industry isn’t going to go away anytime soon, one way to bolster confidence is to gain insight into how admin authorization (not just authentication) is managed in the individual entities’ networks.”
The U.S. private, for-profit healthcare sector has been full of activity in recent months, with mergers and buyouts nudging the industry along in the form of new groups and organisations, often leading to different technologies coming together. Dodhiawala also considers lessons to be learned. These are: “The sum total of the combined entity’s resilience is greatly weakened by excessive admin privileges and a fertile environment for lateral movement — a technique that’s used by nearly 80% of today’s successful ransomware attacks — making these insights critical during due diligence, and also during integration.”
