Backups Saved 16,000 Patient Records from Ransomware

Cyber attacks on hospitals and other healthcare institutions have increased over the last 18 months, in part because they make attractive targets for the cybercriminals who spread ransomware, according to the latest research.

A recent survey conducted by the American Medical Association found that 83% of physicians' practices have experienced some type of cyber attack. Among the survey's other key findings:

• 55% of physicians are very worried about the possibility of future attacks.
• 74% of physicians cite interruption to their practice as their primary cybersecurity concern.
• 53% of physicians are concerned about patient safety when it comes to future cyber attacks.

Why healthcare facilities?

Cybercriminals target healthcare facilities for two main reasons: Many fail to properly back up patient and administrative data, which makes them more likely to pay cybercriminals who encrypt their digital files with ransomware.

But more importantly, hospitals are more likely to pay a ransom to cybercriminals because they're concerned that a prolonged interruption to IT systems will have a negative impact on patient health.

The good news is that some healthcare facilities—those that have invested in reliable backup—can survive a ransomware attack without having to pay the ransom. All they have to do is remove the virus from infected computers and download clean versions of their files from backup.

That was the case when New Jersey-based Hackensack Sleep and Pulmonary Center suffered a ransomware attack last September. The ransomware got into the facility's electronic medical records (EMR) system and encrypted 16,476 patient files, according to published reports.

When medical staff attempted to access the EMR, they realized that the system was inaccessible and received a note that threatened to destroy all the files if a hefty ransom was not paid.

But the Hackensack Sleep and Pulmonary Center had backups of all its files. Instead of paying the ransom, the staff restored the data and got back to the work of helping patients.

Advice for healthcare facilities

As a healthcare facility, the first thing to look for when evaluating backup and disaster recovery solutions is whether they support your efforts to comply with the Health Insurance Portability and Accountability Act (HIPAA), which regulates how patient data is handled and stored.

Once you've chosen and implemented the right backup system, make sure that backup files are segmented from production networks. This will ensure that the files remain clean if ransomware or another form of computer virus infects production systems.

Lastly, ensure that IT staff knows how to restore systems and data quickly and efficiently when needed. A backup is only as good as your ability to restore data—so be sure to test backups and practice recovering data on a regular basis.

Jermal Smith

Husband | Father | Leading Awesome People | Honeywell Sparta Systems

3y

Testing and refinement of backup and disaster recovery run-books is a must. Keep a documented process, defined responsibilities, set RTOs and RPOs, test against those. It's a dance that will save your company and if teams are not practicing this dance they will fail.
Uri Fleyder-Kotler

CISO-as-a-Service | SOC2 | VAPT | Securing Your Startup

5y

I'm just glad to see that hospitals start protecting themselves against these lowlife cybercriminals!

Hi, I can help users infected by New Dharma Ransomware (arrow, bip, java, cezar and arena extensions). For analysis, please send me 2-3 encrypted files by email (mcerdem82@yahoo.com).

Even though the data may be able to be recovered, there is the issue of reporting to the U.S. Department of Health and Human Services (HHS) about the "breach" under HIPAA. And then the review of what led to the malware getting into the system as well.