In case you’ve missed our newsletters in recent months (or the news in general), you should know there’s been a number of ransomware attacks on hospitals. That’s not a coincidence. It’s become apparent that hospitals and the healthcare industry have become gigantic targets for hackers to go after with ransomware.
As if the cybersecurity world wasn’t scary enough, it seems that new hospitals are hit, almost weekly. To make things worse, none of these incidents have been isolated in any particular area or region; they happen nationwide.
In mid-May, a local healthcare system was hit in Indiana. DeKalb Health discovered a ransomware attack and had a temporary disruption of their operations. Luckily for them, they were swift to react and transferred or rerouted many patients. DeKalb Health was also able to get most of their systems back online relatively quickly—but the fact is: they were attacked.
An even more frightening scenario happened at the Kansas Heart Hospital. Suddenly, without warning, employees lost access to files, which quickly became widespread through the hospital. Hackers had infiltrated the system and locked up all the files in a ransomware attack before issuing a ransom. Fortunately, the hospital had planned for this sort of attack and they were able to keep patient records safe. However, the rest of their systems did get locked out. Now they just had to decide to pay the ransom or not, but there was one thing they didn’t see coming…
Here’s where things get scary. The big risk in any ransom is that even if you pay, you might not get anything back in return. That’s just what happened here. After the hospital paid the ransom, some files were unlocked, but not all of them. The hackers then demanded another ransom for the remaining files. At that point the hospital decided that they wouldn’t continue to entertain the hackers, so they didn’t pay the rest. That left some of their files locked up. Due to ongoing investigation, it’s unclear at this time what became of those files.
You can rest assured that this trend will continue as long as it’s lucrative for hackers. Even though the FBI warns against paying ransoms, most companies continue to do so, which enables the hackers to continue. Not every hospital has to end up on the news though. With proper precaution and training these kind of attacks can be avoided, or even fixed, without having to pay a ransom. Proper backup and monitoring can play an important role in protecting your company.
If you have any questions about where your company could be at risk, let us know. We’re here to help.