Security Market Segment LS
Thursday, 05 May 2016 15:22

Hospitals increasingly targeted by Ransomware


You could not imagine a higher pressure environment where delay or equipment failure could mean the death of a patient.

Ransomware is on the rise according to Carbon Black’s Kane Lightowler, Managing Director Asia Pacific and Japan. The number of enterprises being forced to pay criminals to decrypt their files is growing daily and Australia is a prime target because of the high success rate here.

This is particularly so for hospitals, which have come under constant fire from ransomware attacks in 2016. Hospitals are easy marks for ransomware for two reasons:

  • Hospitals rely on real-time information from patient records to provide critical care. As a result, they will typically pay the demand rather than risk disruption or delay of care.
  • Hospitals typically have the same file share and depository for all systems – including patient health information (PHI) – so all it takes is for one employee to be fooled and files are locked across the entire organisation.

Although a U.S. statistic, as many as 75% of hospitals, have been hit with ransomware in the past year. What’s more disconcerting is that 50% of hospitals said they are unsure, or have no way of knowing, if they managed to find ransomware in their enterprises.

For those organisations, the price of recovery can be very high. When a hospital is infected with ransomware, the decision to pay the ransom is determined by some questions:

  • How quickly can the hospital implement its business continuity plans?
  • When was the last back up?
  • What’s the scale of the attack?
  • What files are being encrypted?
  • What’s the risk to critical patient care?

In many instances, attackers are not demanding huge amounts of money, but the risk and liability associated with being infected go way beyond the price of ransom. Hospitals need to take into account the cost of disruption, lost productivity, the money needed to investigate IT systems and the cost of infrastructure improvements to prevent future infections.

Additionally, all healthcare organisations must adhere to HIPAA/HITECH and many have PCI DSS (personal and financial) information implications. The harsh reality is that if an organisation is breached, it is out of compliance.

The fines and penalties associated with compromised personal health information (PHI) are monumental. Add potential lawsuits into the equation and the financial demand of the original ransom fee becomes a mere footnote in the attack.

Detection and Response

Organisations affected by ransomware are increasingly leveraging pattern-based threat detection to provide reliable visibility into ransomware variants by looking for behaviours and actions that are indicative of an attack. With such an approach, a security team can be alerted of a potential ransomware attack that’s taking hold of their enterprise, isolate the host and stop the attack before it spreads.

These forward-thinking organisations have the ability to continuously record and centrally store all endpoint activity, including network connections, process trees, file and registry modifications, file executions, and copies of executed binaries.

This type of visibility provides security practitioners with full root-cause analysis so they can make intelligent decisions on how to improve their security posture to prevent future attacks, instead of blindly re-imaging machines or deleting malware and hoping for the best.

Carbon Black provides endpoint security software that detects malicious behaviour and prevents malicious files from attacking an organisation. It has a webinar titled 7 Dangerous Misconceptions About Recent Attacks: It’s Not About the Ransomware or Hospitals here specifically relating to hospitals.


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Ray Shaw

joomla stats

Ray Shaw  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!



Recent Comments