Ransomware attacks Rising
Ransomware attacks on the healthcare industry are on the rise. The Herjavec Group wrote a 2020 Healthcare Cybersecurity Report and found that cases have quadrupled between 2017 and 2020. Doctor’s offices and even some smaller hospitals have been forced to close their doors due to ransomware attacks that encrypted or kidnapped their data. Ransomware attacks seeking payment for releasing data have proven to be less than good to their word, with many never recovering even part of their data, if any at all.
Effects of a ransomware attack
Medical records that are held hostage can have real life implications on patients care and health. Jeff Horn, CSO, Ordr says that, “…we’ve recently seen patients die as a result of being held hostage. (Security website, 2020).” Universal health Services (UHS) recently had to shut down many of their systems at many facilities around the US after a cyberattack was released into the network those systems were running on. Most ransomware attacks begin simply enough in some type of phishing email. Once the recipient opens the email, the attack begins. User and admins may not be any the wiser for weeks or even months.
What is Lost in an attack?
The FBI recently announced that these cyberattacks on the healthcare system are rising at a rapid rate (Bajak, F., 2020, FBI warns ransomware assault threatens US healthcare system.) From data scrambling programs to others that steal and/or encrypt the data. Data that can be crucial to a person’s health care can be lost in a matter of seconds. The Washington Post (Zetter, K., 2019) recently told us about a new type of virus that can “place” tumor in existing CAT scans and MRI’s when none really exist. This can complicate care or even kill patients who are falsely diagnosed. Any compromised data cannot be trusted after a cyberattack like this, and often the entire system must be wiped and rewritten.
Security Evaluation importance
For these reasons viruses, ransomware, and many other types of security breech programs must be detected and rooted out of the systems they are trying to affect. It is crucial to have all your healthcare data and patient records safe and secure with many options available. Keeping HIPAA compliance up to date and having HIPAA risk assessments at the required yearly intervals can help monitor this security concern and stop it from happening. Keeping data secure can keep from having to close a practice after a breech or being able to adapt and keep moving forward without affecting patient health or care.
Bibliography
Bajak, Frank, October 29, 2020, FBI warns ransomware assault threatens US healthcare system,
AP News, https://apnews.com/article/fbi-ransomware-healthcare-system-
7531ca8d2742d855cd374213d111821c.
Herjavec Group, 2020, 2020 Healthcare Cybersecurity Report,
Cybersecurity-Report-2020.pdf.
Security website, September 29, 2020, UHS Hospitals hit by Ryuk ransomware, forced to shut down
Systems, https://www.securitymagazine.com/articles/93482-uhs-hospitals-hit-by-ryuk
-ransomware-forced-to-shut-down-systems.
Zetter, K., April 3, 2019, Hospital viruses: Fake cancerous nodes in CT scans, created by malware, trick
Radiologists, The Washington Post,https://www.washingtonpost.com/technology/2019/04/03/
hospital-viruses-fake-cancerous-nodes-ct-scans-created-by-malware-trick-radiologists/.
