U.S.-Canadian Ransomware Alert May Be Too Little, Too Late
By Christine Kern, contributing writer
Experts warn that attacks will escalate in number and scale.
The U.S. and Canada have released a joint alert regarding the recent wave of ransomware attacks that have affected at least a dozen hospitals since February, warning experts predict attacks will escalate in number and scale. The prediction comes as hackers are becoming more experienced and sophisticated in their attacks while healthcare organizations prove to be slow in implementing appropriate security measures to rebuff such attacks.
According to the alert, issued by the U.S. Department of Homeland Security and the Canadian Cyber Incident Response Centre, the attacks can be devastating, recovery difficult, and payment of ransom is not recommended as it encourages further attacks without guaranteeing the restoration of data access.
“Paying the ransom does not guarantee the encrypted files will be released; it only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information. In addition, decrypting files does not mean the malware infection itself has been removed,” the alert warns.
The alert notes, “In early 2016, destructive ransomware variants such as Locky and Samas were observed infecting computers belonging to individuals and businesses, which included healthcare facilities and hospitals worldwide. Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it.”
The warning comes on the heels of several high-profile attacks, including the one against Hollywood Presbyterian Hospital, which paid hackers torestore its systems. Methodist Hospital in Kentucky reportedly used its backup and recovery system to regain control after a ransomware attack.And MedStar recently was forced to shut down much of its computer network in order to combat the spread of a virus. In all, at least a dozen hospitals have been affected by ransomware since February, according to Motherboard.
Some experts say the alert is just too little, too late to help stop the spread of malware, particularly among the healthcare industry.Symantec’s 2015 Internet Security Breach Report found healthcare had the largest number of data breaches four years in a row. That report found 37 percent of all breaches occur in healthcare, more than triple the number of breaches that occur in retail (11 percent).
Meanwhile, Wombat Security Technologies has established a training program to help companies assess and manage their security risks to better protect critical patient data.