<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=176170952734135&amp;ev=PageView&amp;noscript=1">


Un-complicating Healthcare IT

Ransomware: How Hackers Are Posing A Major Threat To Your Hospital

May 19, 2016 10:50:16 AM Posted by Lanny Hart | Technical Architect, IT Security Officer

ransomware-hackers-affecting-healthcare.jpgMore than half of hospitals nationwide reported last month that they were faced with a ransomware threat during the past year. Does your healthcare organization fall into that category?

Ransomware is a form of digital extortion that’s been gaining popularity over the last year. With this type of malware, hackers encrypt a party’s files, hold the files ransom and demand payment to free them. Unfortunately, hospitals pose a particular temptation for these hackers.

What You Need To Know About Ransomware

FACT: There are three common varieties.

  • Locker ransomware – The user is locked out of a device, but the system and files are not impacted.
  • Crypto ransomware – The user is locked out of a device for a set amount of time. If the ransom isn’t paid, the device’s decryption kill is deleted and all the files on the device are destroyed.
  • Hybrid ransomware – Hackers blend both locker and crypto ransomware, using features of both varieties.

FACT: It only takes one “small” breach.

Recently, an Indiana-based hospital fell victim to a ransomware attack. The hospital powered down all of its IT systems when it was discovered that the files of a lone employee had been corrupted by ransomware. While this may seem like an extreme measure to most employees, IT directors know how viruses like this can spread like wildfire. Before long, that single employee’s corrupted files could have been spread throughout the company. It only takes one small breach to impact your entire operation.

FACT: The ways in which ransomware infiltrates your system are numerous.

  • Malvertisement – A user clicks on a malicious ad and is taken to a landing page.
  • Phishing email – One click on an attachment in a scam email could compromise your entire system.
  • Downloaders – Malware is exposed to systems in stages, making it more difficult to recognize.
  • Social engineering – Social engineering manipulates users into introducing ransomware into their own systems by breaking security protocols.
  • Self-propagation – This variety of ransomware has some functionality that causes continuous spread through a system.
  • Ransomware-as-a-service – Experienced hackers may outsource ransomware to fellow cyberattackers.

FACT: Ransomware is constantly evolving.

As IT security leaders and users increase fortification against ransomware, new types of ransomware evolve, posing a constant threat. For example, a new breed of ransomware has begun infiltrating devices through a resume attachment in an email. The smarter users get, the smarter hackers get at proliferating the danger.

How To Guard Your Hospital IT System Against Hackers

With so many threats posed by ransomware, it might seem impossible to ward off breaches. However, there are a number of impactful security measures you should take to fortify your systems.

  1. Educate. Ransomware, in many cases, capitalizes on human error. One of the first, most important security measures you should take is educating your team. They need to know what kind of threats to be on guard for, and security standards should be set to prevent potentially harmful downloads.
  2. Perform AND TEST regular backups. You must be regularly backing up your hospital IT systems. Because ransomware poses the threat of lost or corrupted data, having a second set of data is essential.
  3. Implement an Archiving Strategy: You can be performing electronic backups every night, but if you over-write last night’s good backup with the infected data because you didn’t know yet that it had been corrupted, you’ve just lost your ability to recover. By establishing an archiving strategy (we have a best practice standard if you’d like to hear about it!), you have backups that go back beyond the last day or two, which provides you with likely a clean backup to restore from.
  4. Plan. Before a potential security breach occurs, create a plan of how you’ll combat one. Proactive planning helps you identify what to do when a ransomware attack occurs and allows you to act quickly and purposefully. It may give you the upper hand, so you don’t have to pay the ransom for your data.
  5. Partner. Hospital IT directors face a huge, overwhelming task when it comes to fending off ransomware. To ease this burden, our cybersecurity team helps hospitals prepare for and stop breaches from ever occurring. In fact, just a few weeks ago, we were able to prevent an infected device from spreading into any other devices or areas of the hospital and were able to recover with no lost data! In another recent example, we were able to proactively detect an attempt to infiltrate and stopped it before it found a target.

Ransomware is an evolving threat that could damage your systems, put sensitive patient information at risk and harm your organization financially. It’s a serious, ongoing danger to hospitals. But, with the right approach, you have the power to mitigate this risk and keep hackers at bay.

Want to learn more about fortifying healthcare IT security? Talk to an ICE representative today.

Talk To An ICE Representative Today

If you’re an Iowa hospital, join us on June 2 for our Cybersecurity Summit at the Iowa Hospital Association headquarters. For more information, email Chad Watters, IHA Director of IT Services at wattersc@ihaonline.org If you are outside of Iowa, watch our social media sites for events near you. 

Lanny Hart | Technical Architect, IT Security Officer

Lanny has been with ICE since 2004, beginning as a Systems Engineer. He is currently the Technical Architect and IT Security Officer, guiding healthcare organizations towards better network performance through ICE’s Healthcare Grade Network standards. He also serves clients with risk assessments, IT security audits, and and is the security expert for the ICE internal team as well.