Ransomware Attacks in Hospitals

Experts forecast more ransomware attacks in hospitals.

Ransomware attacks in hospitals have frequently paralyzed operations in medical institutions across Alabama in the recent past. Patients, even those with critical conditions, weren’t receiving adequate treatment as staff and administration were kept busy with recovery efforts. Business as usual hasn’t yet been fully restored in many of these facilities.

On the 1st of October, three DCH Health System facilities fell prey to hospital ransomware attacks and even after the hospitals paid the ransom, system restoration was still in progress as late as October 7th.

DCH was able to rebuild some system components using their own backup files. The ransomware perpetrator also provided a key for decrypting and regaining access to locked systems. The test decryption of numerous servers was followed by a step-by-step process of decrypting, testing and restoring availability of systems, one at a time. This was a logical follow up aimed at giving preference to mission critical operating systems and crucial emergency care functions.

Although the attackers have received the ransom, DCH refrained from disclosing the amount paid or time required for completing the restoration process to the press and media. Meanwhile, sources also reported that the ransomware’s impact on systems was also preventing facilities from attending to less critical patients.

Experts cite hospitals and other similar institutions are prime targets for ransomware attacks. Not being able to restore medical operations quickly after an attack would translate into severe consequences, both for the patient as well as the facility’s reputation. Such circumstances give attackers the upper hand while collecting a ransom from hospitals.

Hospitals are more likely to pay than other organizations as systems locked down for prolonged periods of time can even lead to fatalities, for instance during emergency operations when vital patient data becomes inaccessible owing to full encryption.

Even hospitals with fully functional backup strategies end up paying ransoms as it would be a lot more expensive to perform a complete rollback.

Ransomware attacks look to exploit hospitals’ heavy reliance on their assets, resources and infrastructure that are crucial for emergency operations. Preventing such attacks require extensive investments in cyber security and data protection, given the sensitive nature of healthcare records and PII information related to medical treatment.

In many cases, hospitals lack the resources necessary to respond peremptorily to these ransomware attacks.

Criminal activity for the purpose of monetary gain is on the rise and this will increase the risk exposure of hospitals and healthcare facilities to ransomware attacks. Lack of sufficient resources such as staff and funding continues to be an issue, making such medical institutions all the more vulnerable to these threats.