Ransomware Threats Show Hospitals Aren’t Prepared

Key Takeaways

  • Federal agencies last week revealed a ransomware threat against US hospitals.
  • More than half of the medical institutions aren’t prepared to defend against cyberattacks, one expert said.
  • The ransomware, called Ryuk, affected at least five US hospitals last week.



A recent ransomware threat against hospitals highlights the fact that many medical institutions aren’t prepared to handle cyberattacks.

Last week, the FBI warned that hackers could be targeting the healthcare and public health sector with ransomware. Such an assault could shut down hospitals that are already under strain from the coronavirus. Health centers have not prepared sufficiently for such attacks, experts say.

“We found that 66% of hospitals do not meet the minimum security requirements as outlined by the National Institute of Standards and Technology (NIST),” Caleb Barlow, CEO of CynergisTek, a cybersecurity firm focusing on healthcare, said in an email interview. “In the midst of a pandemic when travel, tourism, and education have been severely hampered, healthcare is open and a soft target for hackers. 

“A ransomware attack on a hospital or healthcare organization often involves a kinetic impact as patients are diverted. This potential impact on patient care increases the likelihood that organizations will pay the ransom.”

A ‘Credible’ Threat

In a joint alert last week, the FBI and two other federal agencies said they had credible information of “an increased and imminent cybercrime threat” to US hospitals and health care providers. The agencies said groups are targeting the healthcare sector with attacks aimed at “data theft and disruption of healthcare services.”


The ransomware, called Ryuk, affected at least five US hospitals last week. Like most ransomware, this strain can distort computer files into meaningless data until the target pays whoever launched it.

“Ryuk can be difficult to detect and contain as the initial infection usually happens via spam/phishing and can propagate and infect IoT/IoMT (internet of medical things) devices, as we’ve seen this year with radiology machines,” Jeff Horne, CSO of cybersecurity firm Ordr, said in an email interview. “Once attackers are on an infected host, they can easily pull passwords out of memory and then laterally move throughout the network, infecting devices through compromised accounts and vulnerabilities.”

Under Siege From Ransomware

For more than a year, the US has been assaulted by ransomware attacks. An attack in September crippled 250 facilities of the hospital chain Universal Health Services. Employees were forced to use paper for records and lab work was impeded.

“Hospitals have been attacked in this way previously, but with the pandemic plus everyone relying on digital applications more than ever, we’re seeing an increase in these attacks,” Sushila Nair, CISO at IT consultancy NTT DATA Services, said in an email interview.



Healthcare organizations have underestimated the threat, experts say, and normal antivirus software isn’t enough to fend off these attacks.

“These ransomware attacks are run by sophisticated attackers and malicious developers operating more like a criminal company with customer service, online support, call centers, and payment processors,” Horne said. “Just like a modern customer-focused business, they have people who respond to questions, assist with payment and decryption, and are very organized.”


Not all experts agree that hospitals aren’t prepared for cyberattacks, however.

“Healthcare organizations move quickly to remediate flaws in their applications, in part because they deal with high volumes of sensitive information,” Chris Wysopal, Chief Technology Officer and co-founder of cybersecurity firm Veracode, said in an email interview. “Another contributing factor may be that healthcare companies are using more than one type of application security scan, allowing them to find and fix more flaws than if they used just a single type of scan, such as static analysis alone.” 

With coronavirus cases trending upwards, the last thing hospitals need now is for their computer systems to be crippled. Let’s hope they don’t have to go back to paper and pencil to record COVID-19 test results.
