Hospitals and health care systems across the United States are increasingly the targets of ransomware attacks in what is thought to be a coordinated cybercrime effort by Russia. The Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Department of Health and Human Services issued a warning on October 28 (updated on November 2) alerting the health care industry to the “increased and imminent” threat of ransomware attacks.
While hospitals and health care systems have been hit by ransomware attacks in the past, they have been particularly vulnerable to ransomware and other cyberattacks since the start of the global pandemic. Since mid-summer, hospitals in multiple states have been attacked by some form of ransomware.
Ransomware is a form of malware that encrypts a victim’s files. Once in the system, generally through a spoofing or phishing attack, the hacker demands a ransom from the victim in exchange for restoring access to the data. Victims are generally shown instructions for paying the fee in order to get the decryption key. Typically, paying the ransom is not advised, absent extenuating circumstances.
While the health care industry appears to be the target here, cybercriminals may be emboldened by the recent attacks and target other industries. In order to prepare, organizations should:
Most importantly, and given the potential to let the cybersecurity guard down to focus on other issues like the pandemic, it’s imperative that organizations continue to remain vigilant and prepared for these types of attacks.