While the threat of ransomware and cyberattacks in healthcare is growing, targeting hospitals and health systems has drawn criticisms from perhaps an unlikely group: hackers themselves.
According to the latest McAfee Labs Threats Report, a key reason healthcare organizations are targets for ransowmare and cyberattacks is because health IT professionals are often working with outdated, legacy equipment but must implement the latest cybersecurity safeguards while ensuring patient care is not disrupted.
"As targets, hospitals represent an attractive combination of relatively weak data security, complex environments and the urgent need for access to data sources, sometimes in life or death situations," said Vincent Weafer, vice president for Intel Security's McAfee Labs. "The new revelations around the scale of ransomware networks and the emerging focus on hospitals remind us that the cybercrime economy has the capacity and motivation to exploit new industry sectors."
This, of course, has led to numerous ransomware attacks so far this year, notably at Hollywood (Calif.) Presbyterian Medical Center which suffered an attack Feb. 5, rendering the hospital's IT systems and medical records inaccessible.
Although they are enticing targets, some hackers have criticized their counterparts for going after hospitals, according to the McAfee Labs report. According to the report, there is an ethical code of conduct in the Russian underground hacking environment that says hospitals are off-limits to hackers. The report quotes hackers in an underground online forum condemning the hackers.
"Yes, this is pretty sad and a new low. These ransom attacks are bad enough, but if someone were to die or be injured because of this it is just plain wrong," one hacker wrote.
More articles on ransomware:
Why cyberattacks aren't harming hospital finances
10 things to know about ransomware
3 tips on how not to pay a ransom