Health Cos. Must Prepare for Growing Ransomware Threat

Law360

Alaap B. Shah and Stuart M. Gerson, Members of the Firm in the Health Care & Life Sciences practice, in the firm’s Washington, DC, office, co-authored an article in Law360, titled “Health Cos. Must Prepare for Growing Ransomware Threat.” 

Following is an excerpt (see below to download the full version in PDF format):

Ransomware attacks have become big business, and they are on the rise. And entities in the health care and life sciences space have become primary targets of opportunity for attackers.

As the recent Colonial Pipeline Co. ransomware event illustrates, a small group of black hat hackers, living in protected status in nation states hostile to U.S. interests, can create massive disruption in our country's infrastructure and well-being, and significant economic and other benefit for themselves and for the governments that support them.

Why is it that health care is such a prime target? The reason lies in the nature of the data that health care and life sciences companies and institutions create and store, and their relative vulnerability in the way they maintain and communicate it.

Health care entities are a treasure trove of cutting-edge research and information regarding pharmaceuticals, medical devices and other intellectual property that command great value. The protected health information that they store is of immense value, less with respect to identity theft, as is the popular notion, than it is as an enabler of fraudulent billing schemes that can quickly produce millions in revenue for hacking organizations.

Download Epstein Becker Green’s Ransomware Checklist for tips to proactively mitigate ransomware risk and for reactive measures to respond to a ransomware attack.

Resources