Ransomware, Hospital Hacks, and the Future of the Connected Hospital

by Ryan Harbison | 2Q 2016 | IN-4065

If 2015 was the year of retailer cyberattacks, 2016 will be the year of hospital cyberattacks. In February, hackers shut down the communications for the Hollywood Presbyterian Medical Center in Los Angeles for a week in a severe ransomware attack until administrators were forced to pay a 40 Bitcoin (approximately US$17,000) ransom fee to get their systems functioning normally again. That same month, Methodist Hospital in Henderson, Kentucky, was also struck by the same ransomware as well, which prevented them from accessing patient files. Instead of paying the ransom fee, Methodist Hospital was able to restore the hospital’s data by using backups. At the end of March, MedStar Health, a not-for-profit healthcare organization that runs 10 hospitals and hundreds of out-patient clinics in the Washington, DC area, posted that its network “was affected by a virus that prevents certain users from logging in to [its] system.” Employers allegedly saw a pop-up screen that demanded payment in Bitcoin, but MedStar was able to get its systems back online by shutting down its network to prevent the ransomware from spreading, and isolate the breach. Employees could not access email or schedule patient visits, appointments, or surgeries electronically, instead relying on paper records for communication and scheduling. The Federal Bureau of Investigation is looking into these breaches because as these attacks progress, patient records and, increasingly, even their safety, is becoming compromised.

You must be a subscriber to view this Insight.

To find out more about subscribing:
Contact a representative about purchasing options.