News of MedStar Health’s malware attack, as reported on Monday, was at first met with shock and then a resounding (albeit internal) “Again?!”. Unfortunately a lot of healthcare providers across the country have been hit with varying degrees of ransomware attacks. Whether through spear phishing campaigns or corrupted websites, these hackers were not only able to infiltrate and lock down vital systems, but managed to extort the ransom money from almost every targeted hospital or medical provider. Now, with this malware attack stalling not only MedStar’s 10 hospitals but 30,000 in staff and an additional 6,000 affiliated physicians, what steps are providers going to take to reduce the attack risk and why are healthcare systems still prime targets?
Here are the basic facts: early Monday morning, reports began rolling in about a malware attack on MedStar’s network, which forced an entire shutdown to determine where the attack originated, what it had infected and what could be done to get rid of it. Though the organization maintains no patient data was stolen or compromised, employees mentioned seeing demands for payment in exchange for their computers being unlocked. Currently, they are still working to get the network’s full functionality back – meanwhile, patients were not able to get the care they needed and doctors weren’t able to work with the efficiency they value since the records were trapped in technological limbo.
On an aside, it is important to note that this is the third such malware attack of this caliber to happen this year alone. The attack on a California hospital was traced back to the ransomware strain “Locky”. Since the hospital didn’t have their files backed up, they paid a ransom that amounted to $17,000 in order to gain access to their files again. The same thing happened to another healthcare organization in Kentucky – ransomware locked the networks and demands were made to the tune of thousands of dollars. Unfortunately the healthcare industry is easy pickings for thieves and corrupt computer pirates using a malware attack, considering the lack of funding or even time that these networks receive to make extremely necessary updates so security standards are able to protect against outside intruders.
Though nothing can be done with MedStar’s current situation, their future can be much more secure provided that cyber security takes a larger role in the day-to-day. Most assume that the initial breach’s causation had to do with an errant link in an email, or otherwise corrupt website. Along with personnel awareness and additional cyber security training, there are many other options that can continue behind the scenes in order to keep these hospitals running smoothly. And while this is an unsettling way to learn a lesson about cyber security, it is one that the whole healthcare system should take note of. Though HIPAA compliance is extremely important, protecting a patient and their data from getting into the hands of a criminal online is equally so.