由 Lee Nelson
, Contributing Reporter | September 19, 2016
Stealthy cyber criminals are hacking into more and more websites and implementing malicious software blocking access to a computer system until someone pays a specified sum of money — and health care providers have proven to be a prime target.
According to Ron Temske, vice president of security solutions, Logicalis US, an international IT solutions provider, ransomware has become one of the most sophisticated criminal enterprises the world has ever seen.
In a recent webinar, Temske and Jason Malacko, IT security expert, Logicalis US, offered tips on how to prevent one's business from becoming a casualty of the ransomware epidemic.
Why is ransomware growing?
Quest Imaging Solutions provides all major brands of surgical c-arms (new and refurbished) and carries a large inventory for purchase or rent. With over 20 years in the medical equipment business we can help you fulfill your equipment needs
“Basically, it’s profitable,” said Temske. “It’s a $1 billion enterprise. That would be something that would be heralded as an accomplishment if it weren’t based on such nefarious principles.”
A recent industry study found that nearly half of all U.S. businesses were the victims of at least one ransomware attack in just the past year. Plus, according to the U.S. Department of Health and Human Services Office for Civil Rights, over 230 health care breaches impacted a combined loss of over 112 million records and affected 500 individuals or more in each breach.
The top 10 breaches alone accounted for just over 111 million records, and the top six breaches affected at least 1 million individuals.
“It can be used by anyone," said Temske. "You don’t even have to be a security practitioner to deliver ransomware."
One example of a health care facility being held hostage was in February when hackers got paid $17,000 or 40 Bitcoins
by officials at the Hollywood Presbyterian Medical Center in Los Angeles. The CEO was quoted by many news agencies as saying they paid the ransom because it was in their best interest, and was the most efficient way to end the problem.
Whether or not business leaders decide to pay the kidnappers who have taken over their data, Logicalis experts said that companies need to be ready for an attack way before it happens, to be able to detect it and then stop it while it’s happening. Plus, some companies are able to recover from it after it happens to them.
How can a facility prevent ransomware or recover from it?
First of all, businesses need to understand how they actually receive ransomware, Malacko said.
“It most frequently will be coming from the web or an email. It might be an email that has attached documents. It might come in an archive or link. It could even be a hacked website called a watering hole that redirects you to the payload of the ransomware,” he said.