In recent months, there has been a significant increase in ransomware attacks on healthcare organizations in the US. For this reason, owners must protect their healthcare businesses, particularly in these times when hospitals are under more significant pressure with an increasing number of patients.
Devastating Results of Healthcare Ransomware Attacks
The attacks are debilitating. In some instances, these ransomware attacks are rerouting patients to different hospitals. Rerouting had a devastating effect in Germany when a woman due to have lifesaving treatment died after being diverted to another hospital because of a ransomware attack.
In September this year, Universal Health Services, one of the largest health providers in the U.S., was hit by a ransomware attack. The attack sent their I.T. network offline for some days.
At first, hospital staff saw a few computers displaying “shadow universe,” a reference consistent with Ryuk ransomware software. Ryuk is run by a hacking group called UNC 1878, that attempts to extort large ransoms from corporate victims. Some ransoms can be as high as one million dollars, according to CNN.
UHS serves one million patients each year and has more than 400 facilities across the U.S., Puerto Rico and the U.K. As a result of the attack, many of the hospitals transferred to all-paper systems until the I.T. network was back online, causing significant disruption.
“UNC 1878 is one of the most brazen, heartless, and disruptive threat actors I’ve observed over my career,” said Charles Carmakal, senior vice president for U.S. cyber incident response firm Mandiant.
“Multiple hospitals have already been significantly impacted by Ryuk ransomware and their networks have been taken offline.”
Number of Attacks Increases in US
After the number of these cyber attacks began to increase, the U.S. Cybersecurity and Infrastructure Security Agency released a warning advisory in October concerning ransomware activity targeting health care facilities. The advisory urged healthcare facilities to strengthen preparations rapidly in case they are next.
Since July, the wave of ransomware attacks has affected hospitals in states including New York, Nebraska, Ohio, Missouri and Michigan.
In the last week of October, six hospitals were targeted on the same day.
The FBI is investigating the recent attacks that targeted dozens of U.S. hospitals with ransomware.
What Is Ransomware?
Ransomware is a malicious software designed to encrypt a victim’s files. The attacker prevents access to computer systems and can threaten to share data. The attacker will only restore the victim’s files once they pay a ransom of money.
For healthcare organizations, ransomware attacks can scramble data and make online systems inoperable. Previous attacks have downed patient record-keeping databases, which store updated medical information, thus affecting hospitals’ ability to deliver healthcare.
Ransomware attacks increased by 50% over the third quarter of the year, with the proportion of polled healthcare organizations impacted jumping to 4% in the third quarter from 2.3% in the previous quarter, according to Reuters.
Business owners must protect their healthcare organizations to avoid the devastating effects of ransomware attacks. Many choose to partner with an IT provider offering specialized IT security for healthcare industry businesses.
However you choose to protect yourself, it’s essential to be aware of and respond to this increasing threat.