On the heels of the May 12 WannaCry malware attack that infected more than 300,000 computers in at least 150 countries — the largest hack in nearly a decade — investigators continue to evaluate what happened while victims assess the resulting damage.
The exploit emerged as ransomware, which encrypted files stored in unprotected computers and effectively held them hostage to demands for money in exchange for decryption.
“The suspected syndicated attack is … using a particularly nasty form of malware that can move through a corporate network from a single entry point,” noted Simon Crosby, chief technology officer of cybersecurity firm Bromium. He added that healthcare organizations, governments, police and fire departments and military organizations are “massively vulnerable.
The outbreak started in Europe and in one of the most significant impact zones affected about 20 percent of the United Kingdom’s publicly funded National Health Service. Routine surgeries and outpatient appointments were canceled, while seven hospitals had to divert emergency patients due to disruptions, BBC reported, although media accounts said patient data had not been accessed.
WannaCry manipulated flaws in Microsoft’s Windows operating system that had not been updated by many of the targets. While analysts believe elements of the malicious software had been leaked by a hacking group from a trove of cyber-attack tools held by the U.S. National Security Agency (NSA), Microsoft reportedly was aware of the Windows weakness and had issued a free fix on March 14.
“Say what you want to say about the NSA or disclosure process, but this is one in which what’s broken is the system by which we fix,” commented Zeynep Tufeki, a professor at the University of North Carolina.
Hackers target healthcare
The 2017 Healthcare Breach Report, compiled by data protection firm Bitglass from U.S. Department of Health and Human Services records, reveals that 328 U.S. healthcare organizations disclosed data breaches in 2016, up from 268 the prior year. All five of the largest breaches were the result of hacking and IT incidents in 2016, according to the report. What’s more, network servers were almost always the targets for hacking-related breaches.
Robert Herjavec, CEO of a global information security company (but perhaps more widely known as one of the venture capitalist investors on the television show Shark Tank), recently told Healthcare IT News that the industry needs to prioritize a proactive approach to security.
Herjavec emphasized that providers are vulnerable to hacks in part because they are highly dependent on information systems, but it is difficult to keep them up-to-date and refreshed with current security patches. He added that large projects “can take years, and security considerations and proactive protection often fall by the wayside during these transitions.”
In general terms, he recommends increased use of account access management tools while restricting access to HIM systems to the greatest extent possible. Additionally, as shown in the WannaCry incident, operating systems must be updated regularly and endpoints patched aggressively — all while staff and clinicians receive training on cybersecurity risks and challenges.
NetDirector recognizes that unknowns in cybersecurity will always create gaps between emerging exploits and preventive measures. That’s all the more reason for the company to stay ahead of the curve in its technology development. With its HealthData Exchange platform, for example, clinical and financial data move electronically among disparate systems via a cloud-based solution that fully complies with HIPAA and SOC2 standards. NetDirector securely processes over 10 million data and document transactions per month for its healthcare clients.