What providers need to know about ransomware

Apr 19, 2016 | Healthcare Industry News

At a time when the health care industry has already been notoriously unlucky with security, hospitals are being hit with another challenge: ransomware. According to the Institute for Critical Infrastructure Technology, 2016 will be "the year of ransomware." For that reason, it's important that all health care systems understand what ransomware is and how it may affect them in the future:

What is ransomware?
Essentially, ransomware is a type of malware that either encrypts or locks essential files on a computer, barring the user from accessing them. To unlock the system, users must pay the hacker a fee – hence the name "ransomware."

Typically, these demands are relatively small. According to CNNMoney, hackers tend to attack more than one person (or hospital) at a time, asking for relatively small amounts from each. This strategy usually guarantees that the ransom is paid.

How many hospitals have been affected?
While there are no concrete statistics on how many hospitals have been hit by ransomware in the past year, a quick search of recent attacks indicates how rapidly the problem is spreading.

In the biggest case thus far, Hollywood Presbyterian was forced to pay $17,000 to hackers after its system was locked. Recently, Alvarado Hospital Medical Center in San Diego became the latest victim of ransomware. Two other hospitals in its system, Prime Healthcare, were also impacted within the past month. This fits the pattern of hackers attacking victims in groups to accrue money, rather than targeting one for a large sum. With more of these cases making headlines, the attacks are only expected to persist.

"Now that we've got some publicity over the fact that healthcare is easy to get into and that they will pay ransom, it's going to be a bigger target," David Finn, Symantec health IT officer, told HealthITSecurity. "It isn't going to abate."

Are there other ways to get rid of it?
Unfortunately, there is no guarantee that paying the ransom will free the computer system. While it's technically possible to bypass ransomware encryption without paying, the health care industry has had a particularly challenging time with it. Hospitals, especially, don't have the right IT talent or means to obtain it.

For this reason, hospitals are encouraged to back up information on other devices, especially since they're dealing with such critical data. In the event of a ransomware attack, they'd be able to get rid of affected systems without the risk of losing data or delaying treatment to patients.

How can you avoid it?
There are other steps that hospitals can take to avoid the wrath of ransomware, though. According to ICIT, the malware is often downloaded from a website, a phishing scam or a malicious email attachment. Once it's on the computer, it blends in and acts like part of the system, making it nearly impossible for security applications to intervene. That's why it's so important to avoid infection in the first place, which starts with a multi-tiered approach to security that uses as many tools and resources as possible. One such resource is your staff. In its report, ICIT encourages hospitals to regularly train their staff on identifying and sidestepping these threats.

With these attacks on the rise, it's not only important but necessary for your staff to know how to spot suspicious activity. For more information and training seminars to strengthen your employees, contact Professional Medical Services today.