November 4, 2020
By Rich Gadomski, Fujifilm, and Paul Lupino and Tom Trela, Iron Mountain
It was not long ago that ransomware threats caught the attention of the nation when WannaCry burst onto the scene and was widely covered in the press in May of 2017. Fast forward to the COVID era of today, as morning TV shows are featuring news that healthcare providers and hospitals are under increasing ransomware attacks due to their vulnerability at a time when these providers are otherwise overwhelmed, fighting a stubborn pandemic that does not want to go quietly into the night.
The threat against the healthcare sector prompted an alert on October 28th from CISA (Cybersecurity Infrastructure Security Agency) entitled “Ransomware Activity Targeting the Healthcare and Public Health Sector.” The introduction reads: “This joint cybersecurity advisory was coauthored by CISA, the FBI and the Dept. of Health and Human Services (HHS)…and describes the tactics, techniques, and procedures used by cybercriminals against targets in the Healthcare and Public Health Sector to infect systems with ransomware, notably Ryuk and Conti, for financial gain. CISA, FBI and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.”
That’s chilling. Most organizations can’t effectively operate without their computer systems or data. Hospitals are no different with the safety and well-being of patients hanging in the balance.