Kansas Heart Hospital thought it was in the clear when hackers demanded a ransom and it promptly paid up. Then, the attackers demanded more money, revealing one of the biggest problems with ransomware: it is only expected to get worse.
According to industry experts, Kansas Heart was the second hospital on record to publicly acknowledge that they paid the ransom, after Hollywood Presbyterian in February coughed up $17K.
Kansas Heart worked with consultants to determine that paying the second ransom would be unwise — and the hackers, who hospital staff believe are part of an offshore operation, responded by refusing to unlock the second batch of data.
The healthcare industry is becoming an easy — and frequent — target for hackers, as it often struggles to keep up with the finance and retail industries regarding data security. Industry experts believe that the appeal of a ransomware strategy to hackers lies in part with the easy money: while the hackers might demand multimillions, they will often accept payments in the tens of thousands instead—but as Kansas Heart found out, sometimes that doesn’t get you where you want to be. These days, once they know they have their victims on the hook, hackers are demanding a second round of money from their victims.
Recently, Healthcare IT News and HIMSS Analytics conducted a survey that determined the bigger problem when it comes to ransomware is a lack of comprehensive business continuity plans and a poorly educated end-user who may not know how to handle the situation when it occurs. An IT managed services provider can take some of the uncertainty out of how to handle a ransomware attack, as they educate their end user clients and collaborate with them in constructing a comprehensive, effective business continuity plan specifically designed for their individual business’ needs.
Industry experts agree that many healthcare organizations don’t really have a handle on how they will handle a ransomware attack once it actually occurs, admitting that it becomes more of a “game day” decision to be dealt with after the attack has taken place. High profile hospital attacks are increasing the awareness of this threat, revealing the widespread random nature of the attacks: in the last year alone, Chino Valley Medical Center, Desert Valley Medical Center, MedStar Health, and Methodist Hospital in Kentucky have all been affected.
And that’s just a small list of the high profile cases — there are many more healthcare institutions that don’t even know that they have been targeted. According to Healthcare IT News, potentially “75 percent of U.S. hospitals responding to a poll this week could have been hit with ransomware in the last year…and a chunk of those might not even know it.”
The attackers are savvy and constantly evolving in response to the protective measures taken against them. They know there is easy money to be made by deploying ransomware techniques, and once they lock down your data, your choices are really very limited.
The best way to handle ransomware is to prevent it from occurring in the first place, and by having a monitored IT security plan in conjunction with disaster and business continuity plans designed by your IT managed services provider.
403Tech Inc is the trusted IT security provider when it comes protecting your business’ valuable IT infrastructure and data. We constantly strive to stay ahead of the latest information technology security innovations, tips, and news. Contact us at (403) 215-7506 or send us an email at [email protected] for more information.
403Tech is one of the Top 50 Managed IT services companies in Canada.