Hancock Regional Hospital in Indiana has been forced to operate with pen and paper after a ransomware attack on Friday. IT security experts commented below.
Joseph Carson, Chief Security Scientist at Thycotic:
“Sometimes a simple click on a harmless looking email could bring critical systems to a standstill and doctors staring at blank screens.
Hospitals are exposed to ransomware and need to seriously consider the consequences of not prioritising cybersecurity effectively. Hospital’s face the challenge of deciding whether to upgrade systems to the latest version of the patched software or more doctors and nurses, this is the crucial decision that the leaders must decide. When ransomware hits the hospital, it could mean that the doctors and nurses become restricted to what they can actually do as a result from their access to sensitive information not being available. Hospitals now face the challenge again with recent vulnerabilities like Spectre and Meltdown on whether to patch and expose systems to poor performance or keep the systems operational though exposed to cyber threats. For Hospitals sometimes keeping doors open means keeping systems running and with ransomware this is the threat exposed. Last year in the UK many hospitals had to close their doors and again this example shows the threat is now and the threat is real.
Ransomware is a very destructive variant of malicious malware that makes critical systems and sensitive information inaccessible until a ransom is paid.
Ransom is typically demanded in bitcoin with a 72-hour window to pay before the key is deleted and data is irreversibly lost. The impact this can have on an organization is: temporary loss of systems and access to sensitive information; downtime of operations; financial impact or loss, and incalculable reputation damage. The most recent variants of ransomware have gone into stealth mode. This means they avoid detection by hiding under the radar from traditional Anti-Malware software that scans the hard drive for malicious software.
The destructive nature of Ransomware and the impact it’s had on individuals and organizations globally has prompted the Department of Homeland Security, US-CERT and the FBI to release alerts encouraging organisations to take this threat seriously before it’s too late.”
Raj Samani, Chief Scientist and Fellow at McAfee:
“Cybercriminals are increasingly looking to cause as much public disruption as possible, and as part of this the global health industry has become a prime target. As the healthcare industry races to become more efficient and digitise processes where possible, the industry has become extremely vulnerable to attack.
In order to combat this trend, and reduce the growing numbers of attacks on public services, the cybersecurity industry needs to make threat intelligence sharing an absolute priority. Traditionally many companies see their intelligence as a way of gaining a competitive advantage, however as the amount of disruption continues to increase, 2018 needs to be the year where intelligence sharing after a successful attack becomes the norm.”