Ransomware is officially on the rise. According to Bloomberg, the number of known attacks surpassed five million in 2015. In 2016, the total cost of ransomware may have risen to $1 billion. A bullish little bugger, ransomware locks up your system and refuses to hand over the keys until you’ve paid the ransom. Unfortunately for healthcare providers, the bad guys seem intent on using this sophisticated hacking tool to make life miserable.
Methodist Hospital declared an “internal state of emergency” following a ransomware-related security breach. The Kentucky healthcare facility was hit by the “Locky” malware strain, which compromised the hospital’s systems and encrypted sensitive files in the process. The perpetrators of the attack demanded a ransom of four bitcoins, which was a little over $1,200 USD. Locked out of its systems, the hospital was stripped down to the bare minimum in web services and communication, while IT scrambled for resolutions.
Methodist learned firsthand how ransomware forces its victims to make crucial decisions in no-win situations. With access to their mission-critical systems held captive, a spokesman said the healthcare center was considering paying the ransom. And while no sensitive data was lost, there were repercussions. The hospital shut down each system and brought them back online one by one after scanning for malware. Multiple systems were compromised in the breach, so downtime was the biggest drawback from the attack.
The assault on Methodist happened following another attack involving yet another healthcare facility. Employees at the Hollywood Presbyterian Medical Center called law enforcement after suspecting something was amiss with their computers. The investigation determined that cyber goons essentially held the network hostage by encrypting files on the hospital’s systems.
Methodist Hospital refused to cooperate and took the long road to resuming its operations. Hollywood Presbyterian, on the other hand, decided to play ball. The L.A.-based hospital paid a ransom of 40 bitcoins, or $16,664, to obtain the decryption key and restore its IT systems. Apparently, key decision makers concluded that complying was in the best interest of the hospital, its staff, and patients. The fact that a fairly prominent medical facility in an affluent community decided to give in to cyber crooks is a very disturbing and sobering reality, to say the least.
Healthcare Held Hostage Overseas
Malware is an international terror and ransomware is starting to look like the face of a rapidly growing epidemic. Klinikum Arnsberg, a hospital in North Rhine-Westphalia, Germany, fell victim to an unsolicited email that bundled ransomware in an attachment. Luckily, IT personnel were able to spot the original malware. They shut down that server before the infection spread to the 199 other machines in a robust 200-server network. IT’s ability to detect and quickly respond to the problem potentially spared the hospital massive amounts in financial losses and damages.
Not far away in Neuss, Germany, Lucas Hospital literally turned back the clock when ransomware swept through the facility. Hospital staff resorted to using pen and paper for documentation, and phone and fax for communication due to a sophisticated attack that brought IT to a crawl. As you might imagine, there were significant drawbacks to scaling down operations. “High-risk” surgeries were reportedly delayed as a safety precaution and the operation in general moved slower because resources were limited. At the time of the incident, it was reported that getting the entire hospital network back up and running would take weeks.
HIPAA Compliance and Ransomware Prevention
So why does the global healthcare industry seem to be such a prime target for ransomware attacks? Sensitive data, and lots of it. Cyber criminals realize that this field sits high atop an information goldmine. These nuggets are so indispensable that those responsible for them will pay big money to get them back. To make matters worse, healthcare organizations need to comply with HIPAA, which levies hefty penalties on those who violate its standards. Victim or not, it is the provider’s responsibility to maintain secure access to medical records. Federal regulations spare no quarter.
You could say that ransomware, all by its lonesome, has upped the importance of HIPAA security training and awareness. Simply knowing about ransomware, phishing plots and web exploits can help prevent employees from endangering organizations. It’s a basic training element that will keep providers on the right side of compliance.
Like other types of malware, ransomware looks to exploit outdated web browsers and browser plugins like Adobe Flash and Java. It also takes aim at unsuspecting users like the employees at both Klinikum Arnsberg and Methodist Hospital who opened infected attachments harbored in spam emails. So while ransomware continues to evolve, the secret to combating it with maximum effectiveness is still as simple as prevention. Try to avoid it like the plague by treating every email, every link, and every plugin that comes in contact with the network with suspicion.
Rebounding From Ransomware Attacks
Keeping ransomware at bay calls for a harmonious balance between your cyber security strategy and business continuity plan. Firewall and anti-malware solutions should be in place doing their jobs. If something suddenly goes haywire, you need to have a complete set of processes ready to roll right out of the box and recover as soon as possible. Methodist Hospital was able to avoid paying the ransom because they knew they could restore their backups to get systems back up and running.
Healthcare isn’t the only juicy target for ransomware-wielding criminals. The banking industry, government, and even the technology sector are sitting pretty in the eyes of forward-thinking bad guys. Just ask Apple, whose Mac OS software was compromised in a breach that led to the infection of 6,500 computers. However, healthcare is an area that stands to suffer the double jeopardy of an absolute security nightmare and government-levied compliance penalties. Only through awareness and diligence can organizations avoid the disaster that accompanies ransomware.