Healthcare and ransomware: a security expert explains the cyber threat to hospitals

Healthcare and ransomware: a security expert explains the cyber threat to hospitals


Local information security expert Mark Fulford said there is no “silver bullet” to protect 100 percent from ransomware and other cyber attacks like the large-scale cyberattack that spread across the globe last Friday.

However, there are concrete steps companies can take to keep their data out of harm’s way, Fulford said. 

Mark Fulford works in the Information Security division of the professional services firm LBMC, which is headquartered in Brentwood. Clients hire Fulford and others in his 50-person division to audit their security systems.

“They will hire us to penetrate their systems to perform phishing to identify vulnerabilities and report on those vulnerabilities so they can use their internal resources to shore things up,” Fulford said. Phishing is the term used for the sending of fraudulent emails designed to trick people into turning over things like credit card numbers or passwords.

Fulford said the majority of information security work he does is for healthcare providers. Hospitals, especially in the United Kingdom, were hit by last week’s attack. Healthcare companies are especially enticing targets for cyber criminals for a couple of reasons, mainly the regulatory history of the healthcare industry and the type of information they handle.

The WannaCry ransomware that struck last week locked computer files across the world as hackers demanded a $300 Bitcoin payment to unlock the files.

An article from The Guardian detailed how the attack left some doctors unable to access patient records or perform x-rays, delaying potentially life-saving medical intervention. By the beginning of this week, the WannaCry ransomware had spread much farther, infecting over 300,000 computers in at least 150 countries.

Although the ransomware attack affected far more than just hospitals and healthcare facilities, those types of targets are particularly vulnerable to cyber-threats. Brentwood is a healthcare hub, with major hospital systems such as Community Health Systems and LifePoint Health based here.

Fulford said security standards for healthcare is a fairly recent development and has left places like hospitals playing catchup.

“As compared to other industries, it’s really only fairly recently that there’s been significant regulatory activity around security and healthcare,” he said. “When you combine that with the fact that we’ve had rapid adoption of electronic medical records and new technologies that leverage the data in those types of systems to provide care it really sets up healthcare to be a prime target for these types of attacks.”

In addition, health care facilities have uniquely high-value information stored in its systems.

“You literally have life safety issues if you don’t have access to that data,” Fulford said. “You have weak security and high value data, which makes it more likely that an organization will pay a ransom.”

The plethora of different access points for ransomware at hospitals also presents a challenge. As Fulford explained, it’s not just desktop computers that can become infected. Many biomedical devices found in hospitals are in effect computers.

“Even a hospital that’s doing a relatively good job internally, if their vendors are not doing a good job with some of these biomedical devices, then the compromise can make its way into those devices as well, which can be pretty devastating,” Fulford said.

Even a single security breach can be devastating because of the nature of the malware attacks. They are what is called “wormable” which means that once it gets onto one device in a certain network it can move across the network, infecting even file servers and hosts that store data.

Fulford said ransomware attacks have been increasing in recent years mainly because they are so successful.

“There are a large number of companies that are not prepared with good backup and they have few options but to pay the ransom,” he said. Once that happens, the people who propagated the attack can come up with increasingly more effective cyberattacks.

“We’re seeing more and more unfortunately because they’re doing it more and more because it’s effective and profitable,” Fulford said.

LBMC Information Security has prepared a LBMC Ransomware Checklist for companies looking to better protect their files.

One item on the list calls for vigilance toward known security flaws in computer software. WannaCry, for instance, exploited a known vulnerability in Microsoft products. Not only that, it was a known vulnerability for which there was a patch available to neutralize the threat.

“If people had been diligent in applying those patches those machines would not have been susceptible to this attack,” Fulford said.

Companies can also make regular backups of their data to protect themselves.

“A data backup is a quick way to recover from a ransomware incident,” the checklist reads. “Performing regular backups ensures that a current backup of your data will be ready at a moment’s notice.”

Whatever challenges may await security experts like Fulford in the future, as criminals innovate new ways to assail computer networks, the reality of the digital world in which we live is unlikely to change.

“The horse is out of the barn in terms of our medical records being digitized,” Fulford said. “It’ll just be up to organizations in the private and the public sector to come up with ways to continually enhance our security and ensure the privacy that everybody wants.”

About The Author

Related posts

Leave a Reply

Your email address will not be published. Required fields are marked *