Hospitals in the U.S. are bracing themselves to fight against a new kind of virus threat – one that doesn’t weaken their patients’ immunity but seizes their sensitive medical records and encrypts them. However, for an industry that is focussed on providing medical attention to the needy, hospitals are not very well prepared to combat the increasing rates of cyber attacks – ransomware, in particular – on their networks.
Since the past few decades, the medical industry has been consciously taking important measures to digitize patients’ data in order to streamline the byzantine amount of paper trails and to improve their service efficiency. But many in the industry, including the patients who are suffering the wrath of these cyber attacks, are now having second thoughts.
Case in point, the recent ransomware attack that crippled the DC-based MedStar Health line of hospitals in more than 4 states last week. The hospitals’ computer network was locked by a ransomware attacked and demanded payment in bitcoins in exchange of files decryption.
On Monday morning, the day of the attack, the hospital issued a statement stating, “MedStar acted quickly with a decision to take down all system interfaces to prevent the virus from spreading throughout the organization. We are working with our IT and cyber-security partners to fully assess and address the situation. Currently, all of our clinical facilities remain open and functioning. We have no evidence that information has been compromised. The organization has moved to back-up paper transactions where necessary.”
The attackers reportedly demanded 45 bitcoins, or $19071.56, from hospital administrators in return of locked data. Industry observers are drawing comparisons between this ransomware attack with the one that took place early in February 2014, when cybercriminals locked patient files belonging to Hollywood Presbyterian Medical Center in Los Angeles. The hospital administration had paid 40 bicoins ($16,664) to retrieve the lost data.
Other hospitals that became a victim of similar cyber attacks in the recent past are Methodist Hospital in Henderson in Kentucky, Ottawa Hospital in Canada, Chino Valley Medical Center and Desert Valley Hospital in California, both part of Prime Healthcare. Noticeably, some of these hospitals were able to combat the ransomware by using advanced internet security software and retrieve data safely.
According to Federal Bureau of Investigation (FBI), U.S. websites incurred a collective loss of nearly $24 million to ransomware threats in the year 2015 alone.
One effective way to fend off ransomware is to use antivirus programs that employ heuristic analysis and study the behavior of software, including unknown files. If the antivirus detects a program as threat, such as the use of an encryption tool, it can quarantine the suspicious process and remove it. An antivirus program with auto-sandboxing feature is an added plus for tackling such scenarios.
Considering the surge of recent attacks in the medical sector, it now seems that the hospitals’ job is not only limited to protect patients from the evils of ailments, but also from the nefarious grip of cybercriminals who want to earn illegal profits from a lucrative industry, even if it means jeopardizing millions of people’s health and lives.
“Companies can prevent and mitigate malware infection by utilizing appropriate backup and malware prevention and detection systems, and training employees to be skeptical of emails, attachments, and websites they don’t recognize,” suggests FBI in their website, adding that, “the FBI does not condone payment of ransom, as payment of extortion monies may encourage continued criminal activity, lead to other victimizations, or be used to facilitate serious crimes.”