2024 Ransomware Attacks on Healthcare: A Wake-Up Call for Healthcare Data Security

March 18, 2024

By Hari Prasad Mariswamy – Manager, Product Management, Skyhigh Security

The recent ransomware attack on Change Healthcare serves as a stark reminder of the vulnerabilities present in the healthcare industry. Sensitive patient data is a prime target for cybercriminals, and healthcare organizations must prioritize robust data security measures.

This attack, perpetrated by a ransomware group, disrupted Change Healthcare’s claims processing infrastructure and potentially compromised patient information. While the full extent of the breach is yet to be determined, the potential impact on patient privacy and access to healthcare services is deeply concerning.

How Could Skyhigh’s Security Service Edge Solution with DSPM Have Helped?

As a leading provider of Security Service Edge (SSE) solutions including capabilities in Data Security Posture Management (DSPM), Skyhigh Security understands the unique challenges faced by healthcare organizations in securing their data.

Skyhigh Security’s comprehensive SSE Solution

Our comprehensive platform (as depicted in diagram above), combining Cloud Access Security Broker (CASB) with Cloud Security Posture Management (CSPM) capabilities, proxy solutions with zero trust enforcement, and a robust data protection product line, could have significantly mitigated the risks associated with this attack.

Here’s how:

  • CASB with CSPM: Skyhigh CASB can continuously monitor for suspicious activity in a given cloud environment. This includes identifying unauthorized access attempts, data exfiltration efforts, and misconfigured cloud services. With its exhaustive CASB sanctioned SaaS application coverage, effective collaboration controls can be applied to make sharing sensitive data outside of an organization extremely difficult.
  • Advanced Data Loss Prevention (DLP): Skyhigh DLP provides advanced capabilities that can detect and prevent the unauthorized movement or access of sensitive patient data, even if attackers managed to gain a foothold within the system. Features like highly scaling and efficient Exact Data Matching (EDM) and Indexed Data Matching (IDM) could have identified attempts to steal specific data formats like social security numbers or medical records in structured and unstructured data repositories. Its smart fingerprinting tool supports hashing billions of sensitive patient records in a matter of a few hours thereby providing the most robust protection for this sensitive data.
  • AI-ML based data security workflows: With the emergence of AI technologies, the risks associated with data security doubled up significantly. Skyhigh Security’s SSE solution for AI can not only provide comprehensive visibility into AI apps usage, but also apply controls on their usage and protect sensitive data from being exfiltrated via risky AI applications.
    In addition, Skyhigh DLP embraces the technology in many of its workflows to be able to future-proof data loss prevention and empower customers by providing means to use ML based auto classifiers for simplifying policy rules and also use AI to reduce false positives in DLP.
  • Data Encryption: Skyhigh DLP integrates with several DRM providers like Seclore and Ionic to secure sensitive data by encrypting it. This can ensure sensitive patient data was encrypted both at rest and in transit, rendering it useless even if stolen by attackers.
  • Zero Trust Network Access (ZTNA): With Skyhigh Security’s ZTNA solution, an enterprise can ensure every user, device and connection is continuously verified before access is granted to sensitive resources. Trust is never granted by default, ensuring data safety and integrity at all times without compromising availability for their users.
Skyhigh Security’s ZTNA Solution (Private Access)

Beyond This Attack: Building a Secure Healthcare Ecosystem

The Change Healthcare attack underscores the need for a comprehensive approach to data security in healthcare. Implementing a robust SSE solution like ours can significantly strengthen overall security posture:

  • Centralized Visibility and Control: Gain complete visibility into cloud activity, user access, and data movement across your entire healthcare ecosystem.
  • Automated Threat Detection and Response: Identify and mitigate threats in real-time, minimizing the potential damage from breaches.
  • Compliance with Regulations: Maintain compliance with data privacy regulations like HIPAA by ensuring strong data security measures.

Taking Action for Stronger Healthcare Data Security

In the wake of this attack, healthcare organizations must prioritize data security to protect patient information and ensure uninterrupted service delivery. Here are some actionable steps:

  • Conduct Regular Risk Assessments: Identify vulnerabilities in your IT infrastructure and data security practices.
  • Implement a Comprehensive SSE Solution: Deploy a robust SSE solution that combines CASB, CSPM, ZTNA, and data protection capabilities.
  • Educate and Train Staff: Train employees on data security best practices and how to identify and report phishing attempts.

By adopting a proactive approach and leveraging advanced security solutions like Skyhigh Security’s SSE, healthcare organizations can build a more secure environment for their patients and their data. Don’t let your organization become the next Change Healthcare—take steps towards comprehensive data security today.

To learn more, view our interactive demo on Skyhigh SSE.


References to learn more about the recent attacks:

Yahoo Finance: U.S. Health Dept. Steps in to Help Mitigate Cybersecurity Risks

CBS News: Change Healthcare Losing Up to $100M a Day Due to Cyberattack

Back to Blogs