By the end of the weekend, the list of impacted computer systems included a number of hospitals in the United Kingdom, Spanish telecommunications company Telefonica, FedEx, the Russian Interior Ministry, and several others.
The U.K. National Health Service confirmed that up to 25 NHS organizations were compromised by the ransomware, a variant of Wanna Decryptor called “WannaCry.” After first infiltrating the organizations’ infrastructures, the malware then locked down hospital computers so clinicians and doctors could not access patient records unless they paid a $300 Bitcoin ransom.
While patient health and experience are a hospital’s first priority, the extensive damage of the WannaCry infections and the ensuing chaos should be a major wake-up call to also prioritize security. In the aftermath of these attacks, healthcare organizations and their IT teams should be taking the necessary steps to protect the confidential and highly sensitive information they store on a daily basis.
What is ransomware?
Ransomware is malware that holds the victim’s computer to ransom, either by restricting access to the computer by locking the desktop or by encrypting the files. The malware then displays a ransom note with specific guided instructions on what to do next to fix the problem.
The most common way that ransomware spreads and infects is through spam email attachments. Once the attachment is opened, the malware infects the computer and then spreads itself quickly through the network to infect other machines. Ransomware also uses infected websites to spread.
Why should hospitals care?
As this was a highly “successful” operation from the criminals’ standpoint, we can expect that the intensity, sophistication, and velocity of the attacks will only continue to grow. Further, today’s cyber-attacks are targeted, complex, and can cause devastating damage to the victims and their networks, such as loss of reputation and the tarnishing of brand perception.
Hospitals have never been more at risk thanks to rapid advances towards digitization. With the widespread adoption of electronic medical records, hospitals’ infrastructures now carry a wealth of sensitive patient health information (PHI).
Perpetrators are constantly looking for the weakest link, and when compared to traditional enterprises, hospitals’ infrastructure and security hardening still have quite a long way to go. After all, financial entities and industries have painfully suffered similar attacks for decades, and have rightfully adapted to protect themselves.
Perhaps most critically, any amount of disruption to normal hospital activities or unavailability of resource systems can result in significant loss of revenue and decreases in patient satisfaction. When you factor in the number of electronic systems used in a hospital on a minute-to-minute basis, it’s easy to see how real-time decision-making can be suboptimal if the reliability and accuracy of this information is compromised.
For a tangible example of this, consider that the WannaCry attack impacted Barts Health, the UK’s largest hospital trust in London, so significantly that they were experiencing delays and cancellations of appointments as late as Wednesday evening. As a result, hospital leaders had to greatly reduce the volume of planned operations and clinics on Thursday to make sure the hospital could run all services safely.
Moving into the second half of 2017 and beyond, hospitals must be hyper-vigilant to defend information systems and resources from malicious and unauthorized users. As the WannaCry situation shows, cybersecurity can no longer be a secondary priority for healthcare organizations; it has to be one of the top priorities alongside care delivery and resource allocation.
For more technical details and specific instructions on how to reduce the risks of the attack, visit Symantec at goo.gl/9Ald1n
About Srinivas Mantripragada
Srinivas Mantripragada is the Vice President of Engineering/Technology at Qventus. Prior to that, he was Entrepreneur-in-Residence at Foundation Capital. Before that, he was VP, Technology at Infoblox (NASDAQ: BLOX), leading DNS security initiatives. He was also the Director of Advanced Technology at Determina, an innovative cybersecurity firm which was acquired by VMware, and Chief Architect at Barracuda Networks (NASDAQ: CUDA), a worldwide leader in Web Application Security. He was also a founding member, CTO and VP of Products at RedShift Networks, a leading provider of secure communications for VOIP/LTE networks. Srinivas is a frequent speaker at leading conferences and has co-authored more than 60 peer-reviewed technical, product and research publications and journals, as well as 6 patents, with 2 standards defined. He holds a Ph.D. in Computer Science from the University of California, Irvine.