Cybersecurity is a popular topic in the healthcare industry as many healthcare organizations have not appropriately identified the risks and vulnerabilities of their environment. A California hospital was recently reported paying ransom “bitcoin” to unlock critical files. Now another hospital has come forth, declaring an “internal state of emergency” as they comb through their options.
The Methodist Hospital in Kentucky was attacked with ransomware – a virus that holds the files on a computer or network for ransom. Currently, the case involves the FBI and the ransom has yet to be paid. While the hospital did not have a plan for this type of attack, the hospital did operate under their current emergency response system for tornadoes, utilizing a paper-based system.
As more organizations within the industry turn away from paper-based processes, the threat for cyber-attacks grows. Organizations need to coordinate their efforts throughout the whole information system, protecting all information, not just the most important or the first layer.
About 55% of cybersecurity attacks go unnoticed by commercial antivirus software, putting many organizations at more of a risk than they realize. The data is being sold on the “dark web” – part of the World Wide Web that is purposely hidden and not accessible through normal web browsers, allowing users to remain anonymous.
How does one aid against their data making it to the “dark web”? Ask yourself, what policies does your organization have in place around social media, bring your own device (BYOD) and employee access to your network? Healthcare organizations today can take precaution against attacks with periodic assessment on their networks. Through assessing your organization’s current state of readiness regarding its ability to identify, detect, protect, respond and recover from security incidents, you’ll put yourself in a position to achieve your targeted level of readiness moving forward, putting you in a position of strength.
To learn more about the Southern California hospital cybersecurity attack and the challenges and managing your organization’s risk, read Cybersecurity Attacks: Prepare or Pay 17,000 in Bitcoin?
To read the full article about the Kentucky hospital, view Hospital Declares Internet State of Emergency After Ransomware Infection.
Please contact a member of Withum’s Healthcare Services Group at firstname.lastname@example.org for further questions or assistance.
The information contained herein is not necessarily all inclusive, does not constitute legal or any other advice, and should not be relied upon without first consulting with appropriate qualified professionals for your individual facts and circumstances.