We wrote recently about how politicians have warned that small-scale cybersecurity breaches could be leading to a large-scale cyber 9/11 where attackers work to simultaneously take down numerous systems and cause significant damage.
This hasn’t happened yet, but it is coming far closer to reality.
Ten hospitals – three in Alabama and seven in Australia – have been hit with ransomware, and many cannot take any new patients as a result!
All three hospitals that make up the DCH Health System in Alabama were closed to new patients on Tuesday as officials there coped with an attack that paralyzed the health network's computer system. The hospitals—DCH Regional Medical Center in Tuscaloosa, Northport Medical Center, and Fayette Medical Center—were turning away "all but the most critical new patients" at the time this post was going live. Local ambulances were being instructed to take patients to other hospitals when possible. Patients coming to DCH emergency rooms faced the possibility of being transferred to another hospital once they were stabilized.
"A criminal is limiting our ability to use our computer systems in exchange for an as-yet unknown payment," DCH representatives wrote in a release. "Our hospitals have implemented our emergency procedures to ensure safe and efficient operations in the event technology dependent on computers is not available."
We have been warning healthcare providers for years about the risks. In 2016 we shared jaw-dropping healthcare cybersecurity stats, and 2 months later we tried to wake the healthcare industry up to cybersecurity. We’ve also detailed mobile attacks in healthcare, and in 2017 we told you that 78% of healthcare providers reported a malware or ransomware attack in the past year!
We reported that UCONN Health was attacked earlier this year and 326,000 patients were impacted! Last month we reminded you that schools, government and healthcare were still under attack.
Still, last month alone, more than 300,000 people were affected by hackers targeting healthcare organizations.
1. Pleasant Grove, Utah-based Premier Family Medicine alerted 320,000 patients that their health information may have been exposed in a ransomware attack.
2. Oregon-based Providence Health Plan has notified 122,000 members that their information may have been exposed in a data breach at the provider's administrator Dominion National.
3. Albuquerque, N.M.-based Presbyterian Health Plan was notified by its managed care company vendor Magellan Health that more than 56,000 patients may have had their protected health information exposed in a phishing attack.
4. Seattle-based Community Psychiatric Clinic, a mental health provider, fell victim to three email security breaches that may have exposed 15,500 patients.
5. Metro Mobility, a transportation service for patients with disabilities in Minnesota, has alerted 15,000 patients that their information may have been exposed in a data breach.
6. Artesia (N.M.) General Hospital has notified 13,905 patients of a recent security incident that may have exposed patient information.
7. Floresville, Texas-based Connally Memorial Medical Center notified 7,358 patients that their protected health information may have been exposed.
8. Rowlett, Texas-based Berry Family Services, which provides health services to people with disabilities, alerted 1,751 patients of a ransomware attack that encrypted their information.
9. Urbana, Ill.-based Carle Foundation Hospital mailed letters to 1,653 patients Aug. 16 notifying them that their data may have been exposed in a phishing attack.
10. Philadelphia-based Temple University Health System's computer system was compromised in late August, impacting operations including email and patient scheduling.
11. Conway (Ark.) Regional Medical Center alerted patients and staff Aug. 23 that an unauthorized third party had gained access to employee email accounts.
12. A limited number of employees at University of Cincinnati Health were targets in a phishing attack that may have exposed patients' protected health information.
13. Charleston, S.C.-based MUSC Health notified the parent of an infant patient of a privacy breach in which an employee posted a photo of the baby on social media without parental consent.
Every company is at risk of being hit with ransomware.
The reason is that virtually all inboxes contain email with ransomware links. Even the smartest user may click accidentally, or late at night when they aren’t paying attention, or after some alcohol or painkillers.
In other words, there are enemies in our inboxes and just one mistake can take down a hospital or company.
Yesterday in fact, Demant had a ransomware incident which cost it $95 million and counting!
The world is getting more dangerous and every company needs to investigate how to become more secure before the attacker gets in and forces a huge ransom payment and potentially shuts a company down.
How your organization can stay safe:
1) Determine if you are in possession of private information for New York residents, even if you are not conducting business in New York. This may be the opportunity to assess whether you need to retain this information for ongoing business purposes.
2) Ensure that you have administrative, technical, and physical safeguards in place that comply with the requirements of the SHIELD Act.
3) Develop, or revisit, internal policies for how the company will identify and respond to a data breach. Ensure that your employees understand the policies and that they are properly implemented.
4) This is a good time to re-evaluate corporate cybersecurity – new attacks are launched constantly against organizations. We reported recently that the IRS has issued a new scam warning, telling people to be careful not to click on emails that appear to come from the agency, as they are likely malicious messages disguised to look like they emanated from it.
5) Read cybersecurity essentials – a simple list which will help most organizations become far more secure.
6) Go to a phishing simulation vendor now and sign up for one of their offerings. Phishing Box, KnowBe4 and Phish360 are all great.
7) We also recommend you get a free evaluation of your cybersecurity risk from an MSP/MSSP immediately – they can also help you build in the needed compliance to reduce the risk of being fined.