An ongoing challenge for hospitals is keeping safe from ransomware attacks. It's a tall order, and Blackcat ransomware group is flexing its claws and choosing the next victim. In fact, three U.S. government agencies advised our healthcare systems about Blackcat's devastating attacks. It's not the first time these systems have been warned about ransomware, and it won't be the last.

This latest warning about Blackcat came from the FBI, CISA (Cybersecurity and Infrastructure Security Agency), and HHS (Department of Health and Human Services). Before that, an FBI flash alert was declared in April 2022, and an advisory issued in December 2023.

Also called ALPHV Blackcat, this criminal gang continues to rack-up an impressive run of attacks. The group first surfaced in late 2021, and from then to September 2023, the group piled up more than one thousand victims and over $300 million in paid ransoms. Since then, Blackcat has focused its ransomware attacks on the healthcare industry.

For as long as the threat of Blackcat has loomed large, ransomware attacks themselves have an even longer history of targeting healthcare. Who would have imagined the first healthcare-related ransomware attack way back in 1989 would develop into a criminal industry targeting healthcare. And now, the attacks are happening more than ever before. For reasons unique to healthcare, hospitals are the perfect target for ransomware attacks.

Ransomware strikes put patient lives on the line when hospital services are disrupted. Just some of the human cost involves cancelled patient procedures, critical data locked and unavailable to doctors and support staff, medical devices at risk, and so much more. As a result, bad actors know hospitals are likely to pay a ransom quickly when patient care and lives are at risk. It's also a prime reason these attacks not only thrive, but it’s also the incentive behind why they continue to grow.

The good news is there are basic security steps healthcare organizations can take to get around paying the ransom and still have the data they need to run. Backing up devices and network data provides the information needed to continue with patient care. Also, employee education on how to avoid a ransomware attack can really pay off. Since phishing is the tool of choice for hackers, whether by email, text, or phone, an employee who knows phishing's red flags can stop an attack before it starts. That's something every healthcare organization, and patient, can benefit from.

Phishing ID Checkup

• Mistakes in spelling and grammar
• Unknown or spoofed sender email addresses
• Links and attachments that are not expected
• Poor graphics
• A sense of urgency to take an action
• Unsolicited messages from government agencies claiming there is some issue you need to deal with right away

Remember to always go directly into accounts to check on anything or make changes to your information. Never click links to get there and you’ll be more likely to keep your private information private.