Frankly, this has been a terrible week for the entire healthcare industry. Multiple healthcare organizations have been hit by ransomware attacks, each with far-reaching effects. A ransomware attack occurs when an attacker locks up sensitive data and holds it hostage until the organization pays a ransom.
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has reported a 264% increase in ransomware incidents reported to it over the past 5 years. This is not surprising given the vast amount of data that healthcare companies are tasked with collecting and storing, and the highly sensitive nature of this data. This data makes healthcare institutions prime targets for extortion, and hackers are certainly taking advantage of this.
We've seen this especially in the last week alone, with various healthcare organizations around the world either falling victim to ransomware attacks or releasing further information about ransomware attacks.
NHS ransomware attack exposes mental health data
On May 7, NHS Dumfries and Galloway confirmed that a large amount of personally identifying information belonging to both staff and patients had been published on the dark web. This data includes children's mental health information and was leaked after a ransomware attack launched against the organization.
The cyberattack occurred on March 15 after a ransomware group hacked NHS Dumfries and Galloway's computer systems and stole large amounts of data.
After the attack, the hackers began leaking data to the dark web as “evidence” that the data had been stolen, promising that more data would be leaked if the ransom was not paid. This also resulted in children's mental health data being leaked, which NHS Dumfries and Galloway chief executive Julie White called an “absolutely abhorrent criminal act”.
Thousands of people could be affected due to the amount of data stolen.
Ascension Hospital's network goes down due to cyber attack
In the United States, ransomware has also been causing havoc for healthcare institutions. On May 8, a serious cybersecurity incident was reported that impacted Ascension Hospital's network.
The incident is said to have brought down the hospital's entire system, suggesting a ransomware attack was responsible for the disruption. Officials at the hospital at the time of the incident said doctors were using cellphones to communicate with staff and paper charts were being used. Both of these are tasks typically performed by a hospital's computer network.
Ascension is currently investigating the cyber attack and announced that some systems continue to be out of order.
Ransomware group blackmails NRS Healthcare
Another UK-based ransomware attack was against mobility aid manufacturer NRS Healthcare. More information about this attack came to light this week.
The attack, which occurred on March 29, took all NRS Healthcare services offline. Ransomware group RansomHUB has taken to the dark web to take responsibility for disabling phone lines, emails, and websites. The group also claimed to have stolen 578 GB of data and said NRS Healthcare should contact them “as soon as possible” to obtain the decryption key and “resolve” the data breach.
The stolen information is said to include more than 600,000 personal documents, including contracts, accounting documents, and financial reports. Although NRS Healthcare currently believes this information pertains only to internal portions of the network, it acknowledged that information related to customers may have been copied to internal portions of the network and accessed by hackers.
Why are there so many healthcare ransomware attacks?
Medical institutions hold a great deal of very important, confidential information. This information can range from personal medical conditions such as HIV+ status, to information on sensitive topics such as abortion and infertility, to sensitive information related to criminal cases such as domestic violence and sexual assault.
In addition to this, in order to provide services to patients, healthcare organizations collect and maintain a range of personal information from patients, such as home address, email address, phone number, and name.
The sensitive and private nature of this information, and the fact that patients generally do not want this information to be made publicly available, makes healthcare organizations a prime target for hackers. Stealing information, encrypting it, and threatening to leak it unless the organization pays a ransom puts healthcare providers in a very difficult situation.
Either they pay the hackers to protect the information, which goes against cybersecurity best practices, or they don't pay and the data is compromised. Of course, a third possibility is that organizations pay the hackers and the information is leaked regardless, leaving these organizations in a losing position.
That being said, this is why implementing good cybersecurity is so important for these healthcare organizations. Take, for example, the Change Healthcare cyberattack that occurred in February of this year.
After this attack, it was revealed that the Citrix portal the hackers used to break into Change Healthcare's network did not have multi-factor authentication (MFA) enabled, and that the hackers used stolen credentials to access the network.
Even with MFA in place, the hackers may still have been able to gain access to United Healthcare's systems, but it is a step that would have slowed down the attack or alerted the company that the hackers were on the network, possibly reducing the impact of the cyberattack.