EHackingnews.com recently reported that the U.S. healthcare industry is suffering a massive wave of cyberattacks whereby cybercriminals are infiltrating healthcare systems, stealing critical data and disrupting health services. This rise in hacking attempts leads to a risk of patient privacy which is even more critical during the time of the COVID-19 pandemic.
In one specific example, the University of Vermont Healthcare System reported a cyberattack that in turn affected six Vermont and New York hospitals. According to cybersecurity experts, the criminal groups had attacked more than five U.S. hospitals up until the end of October and the figures can go up to a hundred.
Although the UVM attack did not state that they were a victim of ransomware, it is highly likely that future hospitals will experience this particular type of attack whereby the attackers are able to install malware that encrypts the victim’s files and then demand a ransom to restore access to the data. A ransomware attack on a healthcare system can not only be very costly, it can wreak havoc by disrupting critical patient care and services and potentially exposing individual’s personal health data which is in violation of HIPAA compliance rules.
The volume, sophistication and automation of attacks on healthcare and other organizations will not abate, they will only continue to grow exponentially. Most SOC analysts are completely overwhelmed by the speed and volume of alerts and the monotony of responding to and investigating known and unknown threats, causing burnout and alert fatigue.
AI/ML is a key feature of DTonomy’s Assisted Incident Response (AIR)
DTonomy has deep expertise in automating the critical steps in the alert lifecycle: triage, analysis and response. DTonomy AIR leverages AI to dramatically decrease response times and reduce the costs associated with remediating breaches.
With adaptive intelligence the system discovers patterns, makes predictions, prioritizes alerts and recommends actions. It provides analysts with deep insights by identifying patterns from alerts that are not easily recognizable to accelerate investigation, and provides rich and relevant context to speed decision making and response.
The system can be trained to identify and remediate known problems that have proven resolutions helping to speed time of detection and remediation, allowing security professionals to focus on the newest and most critical problems.
Proactive Steps to Facilitate and Speed Remediation
This imminent threat to healthcare organizations, in particular during the pandemic is very serious. We share the following blog posts specific to ransomware, compliance and AI as advice and guidance.
