While healthcare providers and healthcare industry vendors cannot afford to ignore HIPAA, a adding together threat has emerged and is poised to become much enlarged: ransomware attacks on the subject of hospitals and healthcare providers that are not seeking to breach tolerant auspices but on the other hand render it inaccessible until the dispensation pays a hefty ransom.
In just the p.s. few weeks, the with major ransomware attacks a propos speaking healthcare facilities have occurred:
In February 2016, hackers used a fragment of ransomware called Locky to fierceness Hollywood Presbyterian Medical Center in Los Angeles, rendering the running’s computers inoperable. After a week, the hospital gave in to the hackers’ demands and paid a $17,000.00 Bitcoin ransom for the key to unlock their computers.
In to the lead March 2016, Methodist Hospital in Henderson, Kentucky, was as well as attacked using Locky ransomware. Instead of paying the ransom, the admin restored the data from backups. However, the hospital was exasperated to avow a “make a clean breast of emergency” that lasted for in report to three days.
In tardy March, MedStar Health, which operates 10 hospitals and on peak of 250 outpatient clinics in the Maryland/DC place, fell victim to a ransomware attack. The doling out suddenly shut down its network to prevent the violence from spreading and began to gradually remodel data from backups. Although MedStar’s hospitals and clinics remained wandering, employees were unable to admission email or electronic health records, and patients were unable to make appointments online; everything had to go further to paper.
Likely, this is unaided the beginning. A recent investigation by the Health Information Trust Alliance found that 52% of U.S. hospitals’ systems were misrepresented by malicious software.
What is ransomware?
Ransomware is malware that renders a system inoperable (in essence, holding it hostage) until a ransom gain (usually demanded in Bitcoin) is paid to the hacker, who subsequently provides a key to unlock the system. As the length of many added forms of cyber attacks, which usually intend to right of entry the data concerning a system (such as report card opinion and Social Security numbers), ransomware understandably locks the data down.
Hackers usually employ social engineering techniques – such as phishing emails and forgive software downloads – to buy ransomware onto a system. Only one workstation needs to be polluted for ransomware to feign; once the ransomware has mixed a single workstation, it traverses the targeted doling out’s network, encrypting files upon both mapped and unmapped network drives. Given ample epoch, it may even inherit an admin’s backup files – making it impossible to remodel the system using backups, as Methodist Hospital and MedStar did.
Once the files are encrypted, the ransomware displays a pop-going on or a webpage explaining that the files have been locked and giving instructions upon how to pay to unlock them (some MedStar employees reported having seen such a pop-occurring in the back the system was shut furthermore to). The ransom is in this area always demanded in the form of Bitcoin (edited as BTC), an untraceable “cryptocurrency.” Once the ransom is paid, the hacker promises, a decryption key will be provided to unlock the files.
Unfortunately, because ransomware perpetrators are criminals – and so, untrustworthy to begin with than – paying the ransom is not guaranteed to pretend. An supervision may pay hundreds, even thousands of dollars and feat out no tribute, or realize a key that does not be in, or that does not sufficiently take effect. For these reasons, as ably as to deter far and wide afield ahead attacks, the FBI recommends that ransomware victims not cave in and pay. However, some organizations may anguish and be unable to exercise such restraint. Do you know about legit cyber security consultant?