The hacking community seems to be getting bolder with their ransomware attacks. This particular type of malware, meant to encrypt the data of the victim’s computer, has begun to see use against hospitals. Medical facilities require massive amounts of data in order to keep patients healthy, and the loss of these systems can be so devastating that the hospital is forced to pay the criminal.
Methodist Hospital in Henderson, Kentucky, learned this the hard way when a recent ransomware attack spread to multiple computers. The event quickly spiraled out of control, with the hospital having to declare an “internal state of emergency”, according to Ars Technica.
It could have been so much worse
Although this particular incident caused a lot of panic and confusion within Methodist, it would appear the hospital got off lucky compared to other facilities. Hollywood Presbyterian in California has become the poster child for ransomware levied on large facilities after such an attack crippled the hospital’s digital infrastructure. Administrators were eventually forced to pay $17,000 in bitcoin to decrypt the files on its network.
Methodist Hospital’s ransomware experience was much tamer than this. It all started with a spam email containing a link that would download ransomware onto the user’s computer if clicked. This is a very common means of distributing malware and is behind a lot of infections. Hackers send out massive amounts of these emails, hoping that at least a few people won’t think twice about clicking an unknown link.
After this particular email infected the original user’s computer, the malware spread to multiple other machines. While this process generally happens quickly, hospital officials were able to spot the problem and shut down the network before the ransomware could spread further. Although this was certainly some quick thinking that probably saved many machines from infection, it also meant that staff had to scan each computer while it was disconnected to see if it was compromised.
Backup saves the day
Despite the initial panic, Methodist Hospital has since gotten much of its system back online without having to pay the ransom demanded. This is because the facility depended on a backup system for its most important data, which allowed the hospital to continue operations without having to worry too much about what was encrypted.
In fact, this isn’t even the first time that backup has saved a hospital from a ransomware attack. Ottawa Hospital also had a run-in with hackers recently when an attack encrypted the data on four different computers, according to Healthcare IT News. But, like Methodist , Ottawa had also invested in a solid backup routine. This meant that it could continue operations without paying the hacker, thereby blowing past the ransomware blockade altogether.
Although there are many different cyber security best practices a hospital can follow to avoid ransomware attacks – chief among them being not clicking less-than-reputable links – perhaps the most practical solution to this problem is to backup mission-critical information. Having data in multiple, geographically separate locations allows hospital administrators the opportunity to mitigate the risks of a ransomware attack if one were to arise
Backing up data is such a tried-and-true defense against this particular form of extortion that the FBI recommends that individuals and businesses alike “always conduct regular system back-ups and store the backed-up data offline.” Backups can also help out in a multitude of other disastrous events that destroy the original copies, making this service one that the modern business simply can’t live without. Health care facilities especially should look into contacting a managed service provider about backup in order to lessen the blow of massive, unpredictable threats.