Ransomware Archives - Business Intelligence

Tag: Ransomware

Competitor analysis

Top 5 Healthcare Breaches… So Far

Year 2017 is half way through, and internet security breach is perhaps one of the topics which has made the maximum headlines – of course after the usual news on political bickering. Just like the past year, this year too hackers have made the most of the fragile online infrastructure of the healthcare industry. In fact, the healthcare sector has emerged as one of the easiest targets for hacking due to its rather weak and obsolete security systems.

In the past six months, the top five healthcare breaches which shook the medical fraternity throughout the globe are:

1.    ABCD Children’s Pediatrics

The San-Antonio based healthcare center was the target of the recent ransomware attack, which breached data of as many as 55,447 patients. On investigation, it was found that Dharma virus, a variant of the Crisis ransomware, had afflicted the files.

Medical records are often used for dark web dealings, pediatric patient records are high commodities in the dark web. The files which were affected by the recent attack included details like medical records, lab results, social security numbers, as well as procedure technology codes.

2.    Harrisburg Gastroenterology

In March 2017, Harrisburg Gastroenterology noticed suspicious activity on their system which led to the compromise of 93,323 patient records. The incident pointed out the loopholes in the website maintenance, which made the Pennsylvania-based institute to notify its patients regarding the breach in data. Critical diagnostic, clinical, as well as insurance information was compromised in this case.

3.    The National Health Service in England and Scotland

In case of hospitals under The National Health Service (NHS), it was the ransomware variant Wanna Decryptor which breached the private information. Wanna Decryptor is one of the most lethal ransomware variant on the dark web, which is why the damage caused was rather huge. The attack crippled the delivery of healthcare services in at least 16 organizations under the NHS. Patients were warned to avoid certain departments, ambulances were diverted, and worst of all, in many cases the hospital staff were unable to access patient data.

4.    Molina Healthcare

Another major Medicaid and Affordable Care Act insurer, Molina Healthcare, had to shut down its patient portal due to security flaws. With a simple change in the URL, the portal provided easy access to all the medical claims data of patients. The breach made news due to the fact that the basic Security 101 flaw was not taken care of. Thus, even though the exposed data did not contain social security numbers, other details like disease, diagnosis, and other medically critical patient information were compromised.

5.    Airway Oxygen

It was in April, that the ransomware attack hit the home medical equipment supplier Airway Oxygen. In this case, the hacker gained access to the network and hacked it in such a way that the employees were shut out from the system where the personal information of the patients was stored.

All these attacks only highlight the need for the healthcare sector to move towards better security measures and a proactive IT department which keeps a close watch on suspicious cyber activities. The time to act, is now!

Steps to Keep Your Medical Devices Ransomware Proof

As hospitals in the UK and Indonesia grappled with the Ransomware attack, the susceptibility of medical devices to cyber attacks again made news across the globe. One of the most conservative verticals of the life sciences industry, the manufacturers of medical devices are gradually adopting technology to provide a better diagnosis of health conditions. No doubt digitization has transformed the overall performance of the medical devices, but at the same time, it has exposed the industry to events like hacking, malware, and cyber attacks as well.

Hacking of medical devices – What is at stake?

Most medical devices have electronic records of the patient’s medical history, the medicines prescribed, as well as information on allergies and other vital facts. Any compromise on this data will not only attract huge financial loss for the hospitals but will also cost the very lives of the patients. Medical devices like insulin pumps and pacemakers have higher exposure to hacking and malware attack. The wireless technology employed in these devices make them an easy target for the hackers.

Medical devices manufacturers – Bracing up to the challenge

With more than 100 million personal health records being compromised, the Food and Drug Administration (FDA) has rolled out a set of guidelines for the device manufacturers as well as healthcare facilities.

As a medical device manufacturer, the FDA recommends that:

  1. The medical device inventory, change management systems, and other networked servers and workstations are monitored closely
  2. All the devices which are running on unpatched version of Windows should be upgraded to the relevant security patched version of the Windows
  3. Conducting vulnerability scans on a regular basis. Though not a foolproof procedure, vulnerability scans do help in identifying devices which are liable to malware attack
  4. Involving the third-party managers and medical device vendors in the risk management process
  5. Prioritizing patches for medical devices and involving the IT department to update the affected medical devices

Lastly, the FDA also wants medical device manufacturers to build response mechanism to handle incidents of cyber attack and see to it that the other devices and medical facilities do not get infected.

Close
Infiti Logo

Hello there!

Contact us to know more about our cost-effective custom market research offerings to support efficient market penetration, new product launch, and devise strategies to monitor and outperform your competitors.

Cookie Policy

The Site uses cookies to record users' preferences in relation to the functionality of accessibility. Please refer to the help guide of your browser for further information on cookies, including how to disable them. Review our Privacy & Cookie Notice