The recent string of ransomware attacks on hospitals only validates The Institute for Critical Infrastructure Technology’s recently published research suggesting that ransomware is becoming increasingly common in healthcare organizations. MedStar Health could be the latest hospital to fall victim to a ransomware attack, although its officials have neither confirmed nor denied this claim. But what exactly is ransomware, and is there anything hospitals can do to prevent an attack?
What is ransomware?
Ransomware is a form of malicious software (malware) that locks hospital staff out of their own data by accessing and encrypting their files. It then demands payment to restore the data, typically through Bitcoin, a cyber currency that is extremely difficult to trace. The most common ransomware programs are spread through spam email campaigns disguised as invoices.
Why are hospitals a target?
Hospitals are progressively becoming a major target for cyber criminals because they are very likely to store highly sensitive information on older systems, which often lack the latest security features, such as strong spam email filters, and require a more difficult process to back up information. Cyber criminals also know that hospitals are more able to pay and have an urgent need to regain access to their data.
What hospitals have been affected?
Recently, Hollywood Presbyterian Medical Center paid $17,000 to regain access to its information. Two other hospitals in southern California were also attacked, but technology specialists were able to make sure no data was compromised and nothing was paid. Similarly, Methodist Hospital in Kentucky was also hit recently, but was successful in fending off the attack without payment to cyber criminals.
While $17,000 may seem like a relatively small amount of money, cybersecurity experts suggest not paying the ransom because, without ransom payments, these cyber criminals will be out of business. There is also no guarantee that the hackers won’t attempt to install the malware again.
How are hospitals protecting themselves?
Employees are usually the main target for cyber criminals because they have direct access to health system information and use hospital computers daily. Bad habits – including opening suspicious emails and not taking the initiative to keep their own personal devices secure – can open the door to potential cyber threats.
Experts recommend employee education and awareness programs to help staff understand how the attacks work and how to stop them, or at least not fall for them. Additionally, hospitals should frequently back up their data so hard drives can be easily wiped and restored to their previous states.
Ransomware has existed for a couple of years now, but only recently hit the United States. Because of HIPAA laws, hospitals have been working hard to keep hackers from stealing patient data, not from holding it hostage. Crazy, right?