Ransomware Poses a Rising Threat to Hospital Operations
The malware hinders operations and threatens patient care, making health care facilities and medical centers good targets for criminals.When Hollywood Presbyterian Medical Center admitted in February to paying a $17,000 ransom to decrypt data scrambled by malware, the only surprise was that the hospital's ordeal had become public. Health care organizations, such as HPMC, are under attack by cyber-criminals looking for easy money and nation-state actors seeking data. More than half of all midsize hospitals have signs of malware infections, according to data collected by the Health Information Trust Alliance (HITRUST). Much of the activity, however, has gone unreported. Yet, those same organizations are finding it difficult to remain mum as criminals turn to ransomware, a far more disruptive tactic. Already, some 18 percent of midsize hospitals have been infected with crypto-ransomware, according to the HITRUST study. While many businesses can continue to operate if their data is effectively destroyed, hospitals' operations are far more sensitive to disrupted access to data. "Most advanced malware and previous attacks [on hospitals] were intentionally conducted to not raise alarms—they focused on thievery," Daniel Nutkis, CEO of HITRUST, told eWEEK. "[C]rypto-ransomware—that creates a different dynamic; it wakes you up immediately."
Ransomware has evolved into a serious threat. Starting with early programs that locked Windows systems more than a decade ago, the increasing use of encryption-enabled malware shows how ransomware has become more sophisticated.