Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Ransomware targeting healthcare systems
From Axios..
A crippling ransomware attack on the second-largest U.S. nonprofit health system is showing how much patients can be left in the dark when critical health care infrastructure goes down.
Why it matters: The attack earlier this month on CommonSpirit Health, which has 142 hospitals in 21 states, left IT locked, delayed surgeries and caused widespread disruptions in patient care.
It also left millions of patients waiting at least two weeks to learn if their personal information was compromised, experts say.
Why it matters: The attack earlier this month on CommonSpirit Health, which has 142 hospitals in 21 states, left IT locked, delayed surgeries and caused widespread disruptions in patient care.
It also left millions of patients waiting at least two weeks to learn if their personal information was compromised, experts say.
This latest attack comes as the Biden administration examines how to beef up minimum cybersecurity standards within critical infrastructure like health care, the Washington Post reports.
There's been a nearly 50% increase in interactive intrusion campaigns this year, with some of the most notable increases against health institutions, per a recent report from Cybersecurity firm Crowdstrike.
In 2021, 45 million individuals were affected by healthcare attacks, up from 34 million in 2020, Fierce Healthcare reported.
At least 68 healthcare providers in the U.S. were impacted by ransomware in 2021, including multiple hospitals and multi-hospital health systems with a total of 1,203 sites between them, according to cybersecurity firm Emisoft.
There's been a nearly 50% increase in interactive intrusion campaigns this year, with some of the most notable increases against health institutions, per a recent report from Cybersecurity firm Crowdstrike.
In 2021, 45 million individuals were affected by healthcare attacks, up from 34 million in 2020, Fierce Healthcare reported.
At least 68 healthcare providers in the U.S. were impacted by ransomware in 2021, including multiple hospitals and multi-hospital health systems with a total of 1,203 sites between them, according to cybersecurity firm Emisoft.
https://www.axios.com/2022/10/18/health-ransomware-attack-vulnerability
The company I work for is doing a simulation of an attack to prepare for if/when it happens to us. As an IT/software professional I can see how this is a huge risk to almost any organization. All it takes is someone who has admin access to a server and has an open Remote Desktop session and at the same time opening emails and clicking a link or downloading an attachment that has the ransomware virus. The virus executes and "sees" the RDP connection and jumps to the server and installs itself. Once there is begins to encrypt every file on the server. Then the ransomware criminals send emails to the organization leadership telling them to pay up to get the encryption key. If they dont pay (in Bitcoin), they begin to publicly expose sensitive data from the server. So it many cases organizations pay up because the risk is so high.
So by paying up they perpetuate the problem. In fact its becoming a big business model with more and more ransomware groups going online.
Its a huge problem that needs to be resolved. One "solution" would be stop paying the ransom. Bitcoin is also part of the problem in that the ransom payments cannot be traced.
2 replies
= new reply since forum marked as read
= new reply since forum marked as read
