AWS and Illumio: Helping Healthcare Modernize Their Ransomware Response

The healthcare sector – like nearly all others – is in an era defined by rapid digital transformation and, as a result, finds itself at a crossroads. As digitization and interconnectedness reshape the landscape, the sector's vulnerabilities have been ruthlessly exposed by cybercriminals. The rise of ransomware attacks and breaches on healthcare organizations has reached alarming levels and requires a swift and comprehensive response.  

Join Illumio on September 21 at 9 AM PST for a free webinar featuring Amazon Web Services (AWS) on how healthcare organizations can modernize their cybersecurity.  

Register for the webinar today.

Cybersecurity and healthcare industry experts Trevor Dearing, Director of Critical Infrastructure Solutions at Illumio, and Hector Rodriguez, Principal Industry Strategist for WWPS Health and Life Sciences will speak on:

• The keys to a modernized ransomware defense, from heightened visibility to managing over-connected environments
• The unique challenges facing healthcare organizations as they look to protect a multitude of assets across the hybrid attack surface
• How AWS, Illumio, and IoT/OT solutions can better prepare you to meet today’s threats head-on

Keep reading to learn more about how healthcare organizations can update their cybersecurity strategies to stop the spread of today’s inevitable ransomware and breaches.  

The ransomware epidemic facing healthcare  

Just this month, a ransomware attack on a California-based healthcare system disrupted operations to the point of forcing administrators to close down several of the system’s emergency rooms and outpatient offices. The security team was forced to take systems offline and, in some locations, return to paper recordkeeping.  

This most recent attack is just another example of why the healthcare sector has emerged as a favored target for ransomware attacks. The motivation behind these attacks is clear – the sensitive nature of patient data, the critical role healthcare institutions play in society, and the ease at which medical devices and resources can be hacked make them enticing targets for cybercriminals seeking financial gain.  

In fact, hacking and IT incidents more than tripled in the last few years, reaching 705 attacks in 2022, according to HIPAA Journal’s analysis of data breach statistics from the U.S. Department of Health and Human Services’ Office for Civil Rights. 67 percent of healthcare cybersecurity professionals say their organizations experienced “significant security incidents” in 2021, according to the 2021 HIMSS Healthcare Cybersecurity Survey.

As healthcare organizations expand their networks with cloud systems, including Internet of Medical Things (IoMT) devices and new digital record (EHR) systems, they increase their cyber risk. Cybercriminals only need to find one open door to infiltrate an entire network of IT, OT, and IoT systems. And a huge surge in telemedicine and remote work during the pandemic has opened even more pathways of attack for bad actors looking to cause harm to healthcare organizations.

3 ways healthcare organizations can build ransomware-ready networks

Here are three areas where healthcare security teams can focus their efforts to build resilient systems that are proactively prepared for the next ransomware attack or breach.

1. Take a proactive breach containment approach to cyber resilience

The number and impact of recent ransomware attacks on healthcare shows that traditional detection and prevention tools simply aren’t enough to stop today’s complex, ever-evolving attacks. Organizations must start implementing breach containment strategies so that when breaches do happen, they can be isolated and contained, preventing lateral movement through the rest of the network.  

By combining AWS and Illumio Zero Trust Segmentation (ZTS), healthcare can add a defense-in-depth approach to their breach containment:

• AWS offers a robust set of tools for data encryption, threat detection, and access control. With AWS, organizations can scale their security measures alongside their digital expansion, ensuring a resilient defense against ransomware threats.  
• Illumio ZTS allows security teams to proactively isolate high-value assets or reactively isolate compromised systems during an active attack to contain the spread of the breach. Healthcare organizations can limit lateral movement of threats within their networks, minimizing the impact of ransomware incidents.  

This synergistic approach enhances data protection, ensures operational continuity, and enables rapid response and recovery.  

2. Get consistent visibility across hybrid environments

Healthcare organizations’ attack surfaces are expanding as they embrace digital transformation and adopt a hybrid approach that combines on-premises infrastructure with cloud solutions. But traditional security measures, often siloed, slow, and reactive, fall short in the face of today's sophisticated ransomware threats.  

Modernizing ransomware defense hinges on heightened visibility across the entire infrastructure. To start, it’s important to have a simple audit to identify which systems have the most significant impact on delivering services. These often include intensive care, digital imaging systems (PACSs), patient monitoring devices, and operational facilities. Using a model that maps the likelihood of an attack with the impact of an attack will help pinpoint the relative risk of each area.  

The second step is to understand all communication and traffic pathways — what is talking to what. Illumio creates a simple map to show applications and devices and their communication flows with

traditional IT systems, such as applications, servers, databases, the Internet, or even smart devices. It is important that this map includes any communication with workloads or services in the cloud. With this knowledge, generating the required security policies is a much simpler process.

3. Use ZTS to manage over-connected environments

The proliferation of interconnected devices and systems within healthcare environments has ushered in unprecedented convenience and efficiency. But it’s also introduced a complex web of potential vulnerabilities that can – and will – be exploited by bad actors.  

Modernizing healthcare's response to ransomware requires a robust strategy for managing over-connected environments. Zero Trust Segmentation (ZTS), also called microsegmentation, allows organizations to segment their networks into isolated zones, effectively containing the spread of ransomware and limiting its impact. By enforcing least-privilege access controls and network segmentation, healthcare institutions can minimize lateral movement of threats and protect critical assets.

Want to learn more about how AWS and Illumio can protect your healthcare organization? Register for the webinar today.