[BreachExchange] Healthcare systems are the target of choice for ransomware

Tue Apr 18 19:14:10 EDT 2017

https://disruptiveviews.com/healthcare-systems-target-ransomware/

Another day and another healthcare ransomware attack. The latest healthcare
ransomware target – Erie County Medical Center (ECMC) in Buffalo, N.Y.
ECMC and its long-term care at Terrace View facility got hit by a computer
virus that prompted a computer system shutdown early Sunday.  As of April
13th, they are still working on bringing their computer systems back online
after a virus infected the system in the early hours of April 9.

The medical center expects to have the system back up and have full access
to patient data tools within the next 72 hours, according to Peter Cutler,
vice president of communications and external affairs at ECMC.

“We are focusing on restoring the patient-related sections of our computer
system first,” Mr. Cutler says. “Over the next 72 hours we are doing a
significant restoration of that portion of the system, so staff can start
entering patient data. We are starting with our highest priority first.”

After being hit with the virus, ECMC officials decided to shut down the
entire computer system to prevent further damage. However, the restoration
process has begun, and officials expect patient data to be fully integrated
into the system by April 15. The email system will also be up by then,
according to a WGRZ report.

“There’s other aspects of the system that relate to some records and
payroll information, things like that,” Cutler said. “But we have
contingencies in place to continue to work through that circumstance.”
Employees, he noted, will be paid on schedule.

A local television station reported, citing “sources,” that the
cyber-attack unleashed “ransomware” on the hospital’s network. Cutler would
not confirm the type of virus that attacked the hospital’s computers but
said the investigation and the “sequential” restoration of other hospital
computer systems are continuing.

Healthcare ransomware just keeps on coming

Healthcare is under attack as hackers use changing tools and techniques to
access practice and patient data and hold it hostage, according to Beazley,
a specialist insurer. Ransomware attacks handled by the company more than
quadrupled in 2016, with nearly half of these attacks in the healthcare
sector. Beazley expects these attacks to double again in 2017.

According to Beazley, organizations are particularly vulnerable to
ransomware attacks during IT system freezes, at the end of financial
quarters, and during busy shopping periods. Evolving ransomware variants
enable hackers to methodically investigate targeted systems, selectively
look at the most critical files, and demand higher ransoms to get them
unencrypted.

“The threat from ransomware is not only growing but evolving to allow
hackers to target vulnerable organizations and their most valuable data
files and adjust ransom demands accordingly,” said Katherine Keefe, global
head of Beazley Breach Response Services. “The sustained increase in these
threats in 2016 indicates that even more organizations will be attacked in
2017 and need to have incident response plans in place before they get a
ransomware demand.”

Unfortunately, the prognosis is not great!

The FDA is shifting its concern to a largely untargeted, yet vulnerable,
area: medical devices. The FDA is concerned medical devices and the
technology behind them do not offer enough cyber security.  Terry Rice,
vice president of IT risk management and chief information security officer
at Merck & Co., discussed the vulnerabilities with the House Energy and
Commerce Oversight and Investigations Subcommittee last week.

“Vulnerabilities in pacemakers and insulin pumps can be exploited to cause
potentially lethal attacks and we have witnessed entire hospitals in the
U.S. and U.K. shutting down for multiple days to combat ransomware
infections in critical systems,” he said.

Both the FDA and device makers are adding cybersecurity experts to their
team to improve security measures, according to Zach Rothstein, associate
vice president at the Advanced Medical Technology Association.

“You’re starting to see FDA hire software experts so that internally they
have more capabilities to evaluate cyber security programs of these
companies,” he told The Hill.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170418/eaa81c3d/attachment.html>