A new form of malware, known as ransomware, has affected several hospitals in the United States over the past month. States with affected hospitals include Kentucky, California, Maryland, as well as the District of Columbia. In these new kind of cyber attacks, the hospital was given an ultimatum to either hand over the requested amount of money or lose their data. These ransomware attacks put both patients and their data at risk. Here we explain more about what exactly ransomware is and how hackers are using it to their advantage, as well as exploring ways to prevent becoming a victim of this new malware.
How Does Ransomware Work ?
Ransomware may not initially look like a threat, as it changes file names to decrypt.html or decrypt.txt instead of the original file name. When the computer user clicks on the file to access it, instead of viewing the file, they will receive a message requiring them to pay a “ransom” for the file or else, lose it. This has left the targeted hospitals in a vulnerable position where they have lost access to important patient data. In some instances, the hospitals were forced to turn patients away due to the issue.
Does Ransomware Only Affect Hospitals?
While hospitals seem to be the latest ransomware targets of choice, the attacks are not exclusive to hospitals. This has happened at a Maryland Cafe, and Mac computers were also a chosen target for ransomware. These computer hackers were even able to force a police department in Massachusetts to pay them for access to their data. As you can see, this places not only the targeted establishment at risk, but also the patients/clients/customers data at risk.
Bitcoin As The Chosen Form Of Payment
Health care establishments are receiving “ransom notes” to pay up within a certain timeframe or have their valuable data permanently lost. Most of the ransomware victims are asked to pay their ransom fee in bitcoin. This allows the business to give the hackers instant access to the funds without using a bank or credit card. To make sure the victim understands exactly what to do, the hackers are even including simple instructions on how to access and trade bitcoin so that they receive their payment.
How Hospitals Are Combating Ransomware Attacks
With such sensitive and important information such as patient records, hospitals now need to implement the best malware removal and protection available. Hospitals associated with the American Hospital Association are now using the best in cybersecurity practices to prepare themselves for existing or emerging malware attacks.
There are also several other steps that hospitals can take to make sure their data is not compromised. These include using HTTPS encryption, two factor authentication, and maintaining back ups of their files on a separate server. By backing up important information on machines connected to other servers or on unconnected machines, the hospital can assure that they always have access to patient records and other data that might otherwise be compromised in a ransomware attack.
What The FBI Recommends In Regards To Ransomware
While the FBI continues to investigate the recent ransomware attacks over the past few weeks, they have some good recommendations as to how to keep a business safe from this kind of malware attack. They suggest using an appropriate backup method (such as those mentioned above), and using the best malware detecting and prevention systems available since so much is at stake. The FBI also recommends that employees be trained to watch out for any suspicious attachments, email threats, and unfamiliar websites that might pose a risk. The FBI is also concerned about victims paying the ransom as giving in to the extortion could very well lead to other victimizations and criminal activities.
Ransomware has been a very eye opening experience for many hospitals and other businesses, as it makes us see how vulnerable our information really is. Although we might have some control over who is allowed to view our medical records and information, at the moment, we are still at the mercy of the hospitals and other businesses to keep our personal information private and secure. With the lessons learned from the recent malware scare, it is likely that most hospitals will make every effort to employ the best malware removal and protection systems to prevent these incidences from happening in the future.
[Image via Google Images]