toggle accessibility mode
Healthcare Ransomware

Are Healthcare Systems Being Held Hostage by Ransomware?

By John DiGiacomo

Healthcare ransomware is one of the biggest cybersecurity concerns in existence and it may have particularly serious implications for healthcare systems. Ransomware is a form of malicious software code that is somehow installed on a computer or provided access to vulnerable system network where the data on the computer or in the network is either encrypted or locked by the ransomware so that it cannot be accessed by authorized users. Effectively, a victim’s data is held hostage by the ransomware and cannot gain access to the locked or encrypted data until the victim pays a ransom. Ransoms are generally fairly low, which entices victims to simply pay the ransom to get access to their data again.

Security Breaches and Healthcare Ransomware

One industry that is particularly vulnerable to ransomware cyberattacks is the healthcare industry. Healthcare systems rely significantly on patient data that they collect, transmit, and process. If a hacker seizes a healthcare system’s data, it can be debilitating for its operations. Most healthcare centers are highly dependent on their automated and computer systems, and rendering these systems inaccessible through the use of ransomware effectively leaves the healthcare system in the stone age. Operations at the healthcare system must go on despite the attack, meaning that staff must rely on handwritten notes and reading and reviewing paper patient files as opposed to digital ones.

Cybersecurity Statistics: Instances of Ransomware Attacks

According to a 2015 Industry Drill-Down Report by Raytheon/Websense, there are two pieces of randsomware that are ravaging the healthcare industry’s cybersecurity: Cryptowall and Dyre.

Healthcare systems are four and a half times more likely to be impacted by a Cryptowall ransomware than businesses in any other industry. Cryptowall is ransomware that encrypts certain file types using RSA public-key cryptography. The private key for decryption is stored on the attacker’s servers. Nearly 625,000 systems were infected with Cryptowall ransomware in 2015.  

Dyre is a Trojan malware that collects banking information for malicious purposes. The healthcare industry is 300 times more likely to be affected by the Dyre ransomware than any other industry.

14 Healthcare Systems Held Hostage by Ransomware in 2016

As of October of this year, 14 hospitals and healthcare systems had been held hostage by ransomware attacks, according to HealthcareITNews. Healthcare systems all across the country were affected, including:

  • Hollywood Presbyterian Medical Center
  • New Jersey Spine Center in Chatham, New Jersey
  • Kansas Heart Hospital
  • MedStar Health in Washington, D.C.

Many of these healthcare organizations ultimately paid the ransom to gain access to their data. However, a few were fortunate enough be spared having to pay the ransom. In those cases, the infected computer or server was quickly identified and isolated before the problem could spread.

UK Health Systems Locked Down by Ransomware

A recent, and pretty scary, healthcare system hacking involved computer systems at 16 hospitals in the United Kingdom that were simultaneously taken hostage by hackers. A ransomware attack rendered the computer systems useless, and because the hospitals could not access patient records, test results, or medical scans, patients were turned away from the affected hospitals in droves. While similar cyberattacks have happened in the United States, for example the 2016 attack on Hollywood Presbyterian Medical Center, the ransomware attack on the 16 UK health institutes is the most recent occurrence of healthcare systems being taken hostage by hackers.

Recent Healthcare Data Breaches

Healthcare computer systems and servers are highly attractive targets for hackers because healthcare computer systems harbor the most useful three pieces of personal identifying information that can be used for fraud and identity theft – names, Social Security numbers, and dates of birth. With these three pieces of important and essential personal identifying data, hackers, fraudsters and impersonators can do virtually anything they would like.

There has been a significant increase in the number of cyberattacks that have occurred in just 2017 alone. The number of cyberattacks reported in March surpassed the number of cyber attacks that were reported in January and February combined, according to Healthcare ITNews. The March, attacks alone affected more than 1.5 million patients. This is a persistent problem for which it is difficult to manage. Being prepared for a data breach is sometimes the best that healthcare systems can do. Below are a few examples of recent healthcare data breaches.

IVF Clinic’s Server Hacked in New Jersey Discovered

In late February, the New Jersey Diamond Institute for Fertility and Menopause discovered a serious breach of patients’ electronic health records. The health data of more than 14,500 patients was exposed in the incident, and officials are unclear when the breach was initiated. While some of the data that was contained on the breached server was encrypted, a multitude of other supporting medical documentation was stored in an unencrypted fashion on the affected server. Personal identifying information that was exposed in the breach includes:

  • Names
  • Addresses
  • Date of birth information
  • Social Security numbers for patients
  • Sonograms
  • Lab results

New Jersey Diamond Institute for Fertility and Menopause immediately reset all passwords for the system upon discover of the data breach, and updated its firewall protection software. Affected patients are currently being notified about the breach, and are being offered free credit monitoring services.

Cyberattacks made on healthcare systems are occurring more frequently than anyone would like and healthcare systems are trying to keep up with their computer system safeguards. Ransomware is a cybersecurity threat that is more and more commonly being used against healthcare systems. Despite best efforts, cyberattacks keep successfully happening, and when they do, patients are the ones who suffer the most.

Revision Legal works with companies and healthcare systems to help manage cybersecurity issues and the aftermath of a cybersecurity breach. Contact the experienced healthcare data breach lawyers at Revision Legal. Please feel free to reach out to us today. Contact us using the form on this page or call us at 855-473-8474.

Editor’s note: this post was originally published in December, 2016. It has been updated for clarity and comprehensiveness.


Put Revision Legal on your side