Ransomware is not a new cyber security threat, but it is becoming increasingly prevalent. Ransomware locks an infected computer, or threatens to delete its files, unless the computer owner pays the ransom. Sometimes the threats are only threats and some clever digging can find the infection and purge it, but other times the threats are real and will erase or steal important files. This is becoming a major issue in the healthcare industry.
What To Do?
On February 5, 2016, a major ransomware attack hit the Hollywood Presbyterian Medical Center, locking down all the computers and making it impossible to access any information. The hospital was able to regain control, but only after ponying up $17,000 to the hackers. Having to pay such extreme amounts of money to regain control of computers seems ridiculous, but the unfortunate thing is that it’s often necessary with these attacks.
According to the FBI’s Cyber and Counterintelligence Program, the best thing to do when hit by ransomware is to pay it. The federal government, on the other hand, essentially says “don’t negotiate with (cyber) terrorism.” Doing so emboldens the thieves to try their underhanded schemes with other businesses and organizations. If you are the victim of an attack, contact the FBI and the Internet Crime Complaint Center.
Cyberterrorism and the Healthcare Industry
According to Symantec, the healthcare industry accounted for 37% of all data breaches in 2015.
In that year alone, there were over 250 data breaches that affected more than 112 million patient records. Why are hospitals and medical centers the targets of ransomware? The short answer is security, or lack thereof.
Hospitals run tight ships, and sometimes that means cutting corners. Getting enough reputable antivirus programs to install on all their computers would be very pricey. As a result, they forgo the antivirus and intrusion protection in favor of a faster computer interface and lower expenses. Since medical center computers are so often unprotected, criminals can waltz right in and take any records they want or lock down computers until they get paid. On a side note, patient records fetch high prices on the black market because they help thieves commit identity theft.
What Can Be Done to Prevent These Attacks?
Training. That is the most important step. Medical center employees need to be able to identify phishing schemes, which are the most common method for intrusion. Additionally, hospital IT teams should work to set up multi-factor authentication for accessing patient records. These records can ruin a person’s life if a thief gets hold of them, and the cost of damage to personal identity will far outweigh the cost of antivirus and additional security measures. Upgrading network security and training employees in prevention tactics will save a lot of time, money, and grief.