Ransomware Health Care Alert: Study Warns Providers About Threat to Patient Data
Cybercriminals have set their sights on the health care industry as a target for ransomware, holding hostage information and infrastructure in ways that could put patients in jeopardy. This trend marks a significant shift: attacking health care used to be off-limits, even for malicious hackers.
Data Under Lock and Key
This change comes with the rise of crypto ransomware, according to a new report from the Institute for Critical Infrastructure Technology (ICIT). Crypto ransomware encrypts certain files and data on the victim's system, locking the user out of them. To get the decryption key and regain access to the information, victims must pay what the perpetrators demand.
Some 90,000 computers worldwide are affected by crypto software daily, accounting for 64 percent of all ransomware attacks studied in the period of 2014 to 2015, according to the ICIT report. As HealthcareITNews reports, “Ransomware is responsible for 406,887 attempted infections and accounts for a total of approximately $325 million in damages.”
Cybercriminals Set Their Sights on Health Care
Health care infrastructure looks to be the newest target. According to FierceHealthIT, Hollywood Presbyterian Medical Center was hit for $17,000 in ransom via a crypto-type attack in early 2016. Titus Regional Medical Center in Texas also found its electronic health record system up for ransom. Additional health care agencies have been targeted in Los Angeles County and Canada.
This shift in industry focus is due to the larger sums health care attacks reap when compared to other types of incidents. In general, the ICIT study puts the average payout at $300 per infected host, but the thousands of dollars cybercriminals are demanding from health care organizations suggest the attackers understand they can get more money from larger organizations, especially when the data is critical to patients' lives.
Handling a Ransomware Attack
The U.S. Department of Homeland Security tells victims not to negotiate for their ransomed data, according to NPR; instead, they should restore from backups. However, many victims do pay when they lack sufficient backups from which to recover the ransomed data after the attack.
For health care IT departments, the time has come for data security reinforcements: a comprehensive program that trains staff, establishes dedicated cybersecurity teams and layers defenses to detect and slow down cybercriminals before they can sequester the critical information on which doctors and patients rely.