Data Access is Becoming an Issue for Hospitals

Cyber Ransom Blog

Cyber ransoms are a real thing, and one may soon be affecting a hospital near you if it hasn’t already.

Last month, Methodist Hospital in western Kentucky was operating “in an internal state of emergency” because a part of its computer network had been rendered useless. It all happened thanks to something called ransomware, a type of computer virus that encrypts computer files. It wasn’t the first hospital to be hit in such a way, and it probably won’t be the last.

"[Hospitals] have critical information and money to pay," said Ed Cabrera, an executive at cybersecurity firm, Trend Micro. "They're seen as easy targets."

Cabrera’s firm actually predicted such ransoms would become an ongoing issue when they pronounced that “2016 will be the year of online extortion.” Below is an excerpt from their proclamation.

In the past decade, cyber extortionists made use of ransomware to trick online users to make them fall for their tactics. This was done by exploiting one’s fears to coerce victims into paying the ransom. The rogue/fake AV trap was set up to target those who feared computer infection. Earlier variants of ransomware locked screens of users, tricking them into paying to regain access. Police Trojans threatened users with arrests and charges for violations. And finally, with crypto-ransomware, cybercriminals aimed for the most valuable part of one’s system, the data.

Methodist has said via prepared statement that “no patient data or records were compromised,” in the attack; however, they have not clarified what documents were affected.

The attack occurred through email when a message containing the ransomware was opened by an employee. This allowed the infection to spread into the network where hackers were able to hold data hostage. They then required Bitcoin, an electronic money that’s difficult to trace, in exchange for the release of the network.

The total ransom was not released by the hospital, but experts estimated the demand at four bitcoins. Based on today’s exchange rate, that would equate to just over $1,600. To date, that’s fit with the typical modus operandi of hackers, who target based on volume. By keeping their demands low, typically in the neighborhood of $300, those affected are willing to just pay the ransom to regain access to their files. Rather than deal with the hassle of fighting the issue or risk a long term investment of time and money, some victims just pay to get their files back.

Methodist Hospital was not one of those victims. Thanks to backup files, the hospital was able to shut down infected parts of their system and rely on the information they stored elsewhere. As mentioned above, the Kentucky hospital wasn’t the first to be attacked and it won’t be the last. The most notable to date was the Hollywood Presbyterian Medical Center that paid $17,000 in bitcoins to get its computer back up and running. Both are working with law enforcement to find solutions to the crimes.

With data suggesting hackers are looking for small scores across mass victims, it’s safe to assume these crimes will only continue to happen in the future.