The malware locks the hospital’s computer to prevent access to the data or starts to spread the virus to other computers and shuts them all down. The criminal’s goal is not to steal data, but to lock it in place and take away the key.
The hackers then demanded a ransom to unlock the servers. Technology specialists were able to limit the attack and nothing was paid and no patient or employee data was compromised.
Chino Valley Medical Center and Desert Valley Medical Center are just the latest in a series of attacks. Security experts are predicting more ransomware to come in the near future.
A similar hack occurred earlier this year at Hollywood Presbyterian Hospital. The hospital paid about $17,000 in bitcoins (a cyber currency) to get its computer servers unlocked.
Though these cases made headlines, many attacks occur without any publicity, and the victims ultimately agree to pay because they often conclude paying the ransom is the quickest and most efficient way to get their data back. According to experts, hackers favor these types of attacks because they are reasonably easy to pull off and have a big impact.
These are extraordinary challenges hospitals across the country are facing now, and the big question is what they can do to prevent them. The answer is that extraordinary situations require extraordinary steps to protect such data.
Unfortunately, it’s not uncommon for hospitals to have outdated and vulnerable systems on the network. Institutions with updated systems, a good defense strategy, advanced detection capabilities, precise policies and procedures as well as trained and aware staff do have a much better chance against cyber-attacks.
Protecting data is a huge issue that has become increasingly complex as information becomes more and more distributed throughout electronic systems. Organizations that don’t implement a solid Privacy & Security Management Program are taking a big risk. Effective Privacy & Security Management Programs provide a complete Privacy and Security Risk Analysis and tracks and evaluates wrongful disclosures and potential Privacy-Security violations.
The recent hospital hacks should be seen as a wake-up call that very likely signals more cyber-attacks to come. We don’t know yet what the wider effects of the attacks will be, but if there is one thing that other facilities can learn from them, it is the urgency to check their data security. Hackers will continue to target healthcare, which has not yet invested heavily in cyber-security like other industries.
Don’t be held for ransom. Defend against advanced cyber-threats. The key to better security is to focus on Privacy & Security Management Programs to keep hackers out of the network.