Ransomware, a form of digital extortion, involves lockdown of computers via malware or encryption of electronic files with a private key that only the attacker holds. Victims are left to pay the hacker to regain access, develop workarounds or isolate affected data/devices.
The FBI reports an increase in incidents in which users infect their computers with ransomware by clicking on a compromised website, often lured by a deceptive email message or pop-up window. A fairly recent variant encrypts files on a hard drive as well as any external or shared drives to which the computer has access.
Although ransom amounts typically range from a few hundred to several thousand dollars per instance, hackers collected more than $200 million total in the United States during the first quarter of 2016.
Healthcare organizations, in particular, need to be on the lookout. Research conducted by security firm Solutionary reveals that the healthcare sector accounted for 88 percent of all ransomware attacks it tracked during the first half of 2016.
In perhaps the highest profile healthcare case of this year, 434-bed Hollywood Presbyterian Medical Center in Los Angeles paid $17,000 in bitcoin ransom to obtain a decryption key and restore normal operations after a lockout.
Why is healthcare such a target?
A number of interrelated factors play into healthcare’s ransomware vulnerability:
- Hospitals and health systems store detailed personal information on patients to make it readily available in the course of care. Stolen health insurance credentials can be used to commit medical fraud, fetching 10 to 20 times more than credit card numbers on the black market.
- What’s more, perpetrators can often get financial, identification and health information all packed together within health system records.
- Healthcare providers rely on electronic records to stay operational. With patients’ lives potentially on the line during a ransomware attack, they may be more willing to pay up quickly than victims in other industries.
- Healthcare institutions don’t spend a lot of money on data security. Roughly 80 percent of organizations surveyed by HIMSS Analytics reported allocating less than 6 percent of their budgets on data protection.
- Healthcare is a consolidating industry, with major care organizations merging and acquiring other facilities. Integration of disparate information systems often leaves gaps that give hackers access to sensitive data.
- Hospitals typically don’t train employees on cybersecurity awareness.
What can be done?
Threat intelligence experts at Solutionary say healthcare organizations can counter the threat of ransomware by using off-site backups for their data — and the systems used to access that data. They should also test the backups regularly to ensure data can be restored quickly.
While providing data exchange services to healthcare organizations, NetDirector utilizes IT infrastructure provider Peak 10’s offsite data center to ensure online backups, data recovery capabilities, minimal to no downtime, and the most current security certifications.
With the major risk of self-managing data security, it makes sense for providers to use a trusted vendor like NetDirector to protect against ongoing threats such as ransomware.