In early February, Hollywood Presbyterian Medical Center became the first known hospital in the United States to be targeted by a ransomware attack.1 The ransomware attack locked up computer systems for two weeks, forcing the Los Angeles hospital to transport some patients to other hospitals and declare a state of emergency, before eventually paying a $17,000 ransom to regain access to their data.2 Several weeks later, a string of ransomware attacks hit additional hospitals in the U.S. and Canada, forcing the two countries to release a joint alert about the persistent threat of extortion attacks.3
Microsoft’s Cyber Trust Blog defines ransomware as “a type of malware that holds computers or files for ransom by encrypting files or locking the desktop or browser on systems that are infected with it, then demanding a ransom in order to regain access.4” Ransomware’s calling card is using fear to motivate victims to pay a ransom by relying on a variety of high pressure techniques, such as threatening to erase or publicly release data, often increasing the ransom amount as time goes on.
In April, ransomware attacks reached an all-time high, increasing 159% from March.5 Because hospitals tend to lag behind large corporations when it comes to resilience measures and security awareness training, they make prime targets for ransomware attacks.6 Another potential reason for the rise in attacks on medical centers is their dependence on patient records and connectivity to deliver proper care—making them more likely to pay a ransom for a decryption key.7
Ransomware’s next target
Ransomware is not a new phenomenon, but sophisticated new strains and military-grade encryption have turned it into a criminal enterprise that accounted for roughly $325 million in damages in 2015 and instilled a new sense of fear in individuals and businesses alike.8 As is the case with any cyber threat, being proactive rather than reactive can mitigate potential damage.
Today, ransomware attacks are targeting computers and web servers, but where will they strike next? One think tank believes the rapidly expanding Internet of Things (IoT) may be the next frontier for modern cyber criminals looking to make a score. According to the Institute for Critical Infrastructure Technology (ICIT), connected cars, pacemakers, and insulin devices are just a few Internet-connected devices that could provide lucrative targets for ransomware attacks.9
As the IoT connects more cars, watches, televisions, appliances, and health devices to computer networks, this creates more points of entry for ransomware attacks. Although there haven’t been many instances of ransomware attacks on IoT devices yet, there have been isolated reports of network-attached storage devices being hit by cyber criminals. In addition, two security experts were recently able to gain remote access to a moving car—taking over its radio and windshield wipers before eventually shutting the car down completely.10
Because providing a ransom note to a victim is much easier on computers than IoT devices, this presents one potential challenge to the evolution of ransomware, but savvy cyber criminals have a knack for overcoming these obstacles. Whether cyber criminals choose to capitalize on IoT devices remains to be seen, but taking the proper precautions now can help safeguard against potential future threats.
Safeguarding against ransomware
As ransomware broadens its scope, it’s important to know how to protect against these kinds of attacks. Here are a few precautions individuals and enterprises can take to minimize or mitigate damage:
- Training and awareness—Most of the time, ransomware is disguised in a legitimate-looking email or attachment. Being prepared and informed reduces the chances of unknowingly infecting your machine with malware. Think before you click!11
- Data backup—Regularly back up data to an external hard drive or the cloud. Keeping sensitive data offline or on a separate device gives ransomware victims the ability to restore systems and retain lost documents with ease.12
- Basic security hygiene—Like many cyber threats, ransomware attacks look to exploit vulnerabilities in network systems. Running an up-to-date OS, using a reputable anti-malware software, and deploying a firewall can help reduce the number of entry points into your network.13
The recent string of ransomware attacks on Hollywood Presbyterian Medical Center and other hospitals is a prime example of how devastating ransomware attacks can be. All signs point to ransomware’s continued rise in 2016, so make sure you’re taking the right precautions to avoid a data hostage situation.
Download our Security Datasheet for more.
- Request a call from a Microsoft Representative to learn more about how you can protect your healthcare organization from Ransomware.