Ransomware attacks affect every industry; however, the healthcare industry is highly vulnerable to them simply because of the severity of the risk involved. A ransomware attack may impact the critical services of a hospital, its administrative services, or both. Thus, it is not just a person's financial, billing or medical history that is in danger; their very life might be at high risk. Imagine the computer screen connected to an endoscope freezing in the middle of a surgery: that can be life-threatening! Multiply that by the number of surgeries being done at the same time at a hospital, and the impact can be catastrophic.
The cost of cyber-attacks in the healthcare industry
While loss of life is the worst loss for a hospital, there are also other costs that a healthcare provider has to bear in case of such attacks. The top areas of concern for this industry are:
Cost due to System Downtime
An attack on administrative systems such as work orders, medical inventories, billing, appointments and prescriptions leads to disruption of normal services and delays, and requires additional manpower to bring the systems back to their normal state.
Reduced Customer Satisfaction
When the systems are down, the patients are waiting. This has a cascading effect. Even after the systems are recovered, it takes time to work through the long queue of waiting patients. This leads to a dip in customer service.
Reduced customer satisfaction and the fact that hospital systems were compromised do not instill confidence in the community they serve.
Loss of Revenue
With bad publicity and the risk of losing their personal information, fewer patients would choose to come to the affected hospital, leading to loss of revenue.
The Cost of Ransom
Sometimes the hospitals pay the ransom to get access to their systems quickly. This is never a good idea.
Major Ransomware attacks in the Healthcare Industry
Here are some true incidents and effects of ransomware attacks on healthcare providers.
1. Hollywood Presbyterian Medical Center
This Los Angeles hospital was attacked in 2016 and suffered downtime for 10 days. It lost access to its patients' electronic medical records during that period. The ransom demanded was a whopping 17,000 USD, instead of the usual 300-500 USD. The hospital actually paid this amount in Bitcoin.
2. Medstar Health
This is one of the largest healthcare system attacks, with 10 hospitals and 250 outpatient centres affected. The attack was almost simultaneous at all centres, and they lost almost complete access to their systems. Although all the affected sites had a disaster recovery plan, the scale and spread of the attack took the hospital by surprise, and recovery took a long time. This attack shows that businesses with multiple locations can be affected at the same time and that an integrated disaster recovery plan needs to be created for such a scenario. This holds true for every business.
3. Kansas Heart Hospital
This hospital was attacked in May 2016. Thinking that they would get back access to their systems, they paid the ransom. However, they only got partial access, along with yet another demand for more money. Sensibly, they refused the second time. This incident proved that even after paying the ransom, one cannot be sure of getting access back. If anything, paying the ransom emboldens the attackers. Besides, who knows what illicit activity is being funded by the ransom that victims pay?
4. Methodist Hospital
This hospital was attacked in March 2016. The attackers demanded 1600 USD. The main effect of the attack was that everything had to be processed with pen and paper. This, in short, doubled the time taken by physicians for their administrative tasks. This incident highlights the need for a sound recovery plan that keeps downtime to a minimum, so that people can become productive again as soon as possible.
5. Christopher Rural Health
This one is an excellent example of how to deal with ransomware attacks. This network of health centres was hit by a ransomware attack in May 2015. But instead of paying the ransom, they used their system backups to restore their systems. This incident shows the real value of a good backup strategy and how it can help in case of a cyber attack.
For a critical service provider, it may be tempting for the business to pay the ransom and get access back to their systems. However, it has been proved many times that paying ransom is not a guarantee of restoring system access. In fact, there is a high probability that attackers will ask for more money and that money will be used for illegal purposes. The best defense against ransomware attacks is to have a sound backup strategy and implement a comprehensive Security Solution.
Photo by Piron Guillaume