Ransomware in Healthcare: 5 Attacks on Hospitals & Lessons Learned
20
Ransomware Attacks on Hospitals (And What We Can Learn From Them) TM
-
Upload
barkly -
Category
Technology
-
view
1.135 -
download
0
Transcript of Ransomware in Healthcare: 5 Attacks on Hospitals & Lessons Learned
Ransomware Attacks on Hospitals(And What We Can Learn From Them)
TM
TM
Hollywood Presbyterian Medical Center
The Details
TMHollywood Presbyterian Medical Center • 5 Ransomware Attacks on Hospitals
Hollywood Presbyterian was early 2016’s most-talked-about ransomware attack by far, thanks in part to the $17,000 ransom demand. Not only did that amount dwarf the typical ransom demand of $300, the thought of paying that much money to hackers was enough to make everyone’s stomachs church, especially when Hollywood Presbyterian actually forked over the Bitcoin.
The hospital suffered 10 days of downtime as a result of this ransomware attack, losing access to electronic medical records and even being forced to turn some patients away.
What We Can Learn From It
TMHollywood Presbyterian Medical Center • 5 Ransomware Attacks on Hospitals
Now that attackers know hospitals are willing to pay larger amounts to regain access to their systems, we need to plan for the likelihood of ransomware demands continuing to rise.
Ransomware’s impact isn’t limited to encrypting documents. Losing access to crucial systems and files can cause widespread disruption to a hospital’s services and basic operations.
TM
MedStar Health
The Details
TMMedStar Health • 5 Ransomware Attacks on Hospitals
MedStar Health is one of the largest healthcare systems to be attacked by ransomware to date, with ransomware affecting 10 hospitals and more than 250 outpatient centers operating in the Washington, D.C./Baltimore area.
In reference to the ransomware attack, Craig DeAtley, Director of Emergency Management said, “If there was one surprise, it was the rapidity with which we lost everything. The near immediacy and completeness of the loss was surprising. We were practiced at individual workarounds, but we had never prepared to lose everything.”
DeAtley also mentioned that each facility had their own separate downtime plan, making it difficult to manage an attack that was so widespread.
What We Can Learn From It
TMMedStar Health • 5 Ransomware Attacks on Hospitals
The danger of the MedStar Health attack is in the precedent it sets. If hackers can get away with going after a larger target like MedStar Health, it only encourages them to keep going.
It isn’t enough for organizations to have a disaster recovery plan – they also need to practice it. One of the best ways to prepare for ransomware is to run through attack scenarios and make sure everything is in place.
Each facility had their own downtime procedure to fall back on, but this event reinforced the need to take a broader, more comprehensive look at cybersecurity. If you work for an organization with more than one location, think about how you can standardize security efforts to streamline processes in the event of an attack that spreads.
TM
Kansas Heart Hospital
The Details
TMKansas Heart Hospital • 5 Ransomware Attacks on Hospitals
The Kansas Heart Hospital in Wichita, Kansas was hit with ransomware in May of 2016. They paid the ransom, thinking they would get access to their files, only to get partial access and a follow-up demand for more money. They refused to pay the second ransom request.
What We Can Learn From It
TMKansas Heart Hospital • 5 Ransomware Attacks on Hospitals
Paying the ransom doesn’t always guarantee you’ll get your data back.
According to FBI Cyber Division Assistant Director James Trainor, paying the ransom also emboldens cyber criminals to target more organizations and might inadvertently mean you’re funding other illicit activity associated with criminals.
TM
Christopher Rural Health
The Details
TMChristopher Rural Health • 5 Ransomware Attacks on Hospitals
Christopher Rural Health, a small network of health centers and clinics in Illinois, was hit with ransomware, but decided to not pay the ransom. They were able to restore from backup, instead.
While the attack, itself, may not be remarkable, stories of companies who manage to recover from ransomware without paying the ransom unfortunately get very little coverage.
What We Can Learn From It
TMChristopher Rural Health • 5 Ransomware Attacks on Hospitals
This example shows the importance of maintaining good backups. Without the proper recovery and time objectives for their backups, they would have had to make a tough choice between going forward with only a fraction of their data recovered or paying the ransom to get it all back.
Restoring from backup should really be considered a last resort. Learn five steps you can take to make sure it’s a realistic option when you need it most.
TM
Methodist Hospital
The Details
TMMethodist Hospital • 5 Ransomware Attacks on Hospitals
Methodist Hospital in Kentucky was hit with Locky in March of 2016. The ransom was $1,600, which is not small by any means, but is much less than some of the high profile attacks this year.
David Park, the hospital’s attorney, said the main effect of the infection has been downtime, which forced the hospital to process everything by hand on paper.
What We Can Learn From It
TMMethodist Hospital • 5 Ransomware Attacks on Hospitals
According to a report from The AC Group, it takes physicians double the time to perform admin tasks manually when their EHR system is down.
Downtime is the biggest cost of a ransomware attack. This is why it’s so important to stop ransomware before it infects your system in the first place and to have a good disaster recovery plan in place so you can get everything back up and running quickly after an attack.
TM
Hospitals that Prevent Attacks (This Could Be You!)
The Details
TMHospitals that Prevent Attacks (This Could Be You!) • 5 Ransomware Attacks on Hospitals
Healthcare IT security isn’t a hopeless effort. There are hospitals that are dealing effectively with ransomware attacks every day.
What We Can Learn From It
TMHospitals that Prevent Attacks (This Could Be You!) • 5 Ransomware Attacks on Hospitals
Make sure your organization has a strong cybersecurity stack. It’s not enough to rely solely on traditional antivirus. Go through the checklist at the end of our eBook, Ransomware Protection 101: A Healthcare IT Handbook to see if your organization is prepared to prevent, react to and recover from a ransomware attack.
Hate Ransomware? So Do We.
Barkly is a new layer of protection you can use on top of antivirus to stop ransomware before it encrypts a single file. We use sophisticated behavioral analytics to detect and stop malware that hides from signature-based protection. Barkly’s protection is automatic, and doesn’t require security expertise or administrator action to work.
See How We Work
TM
© 2016 Barkly Protects, Inc. All rights reserved.
