Another day and another healthcare ransomware attack. The latest healthcare ransomware target – Erie County Medical Center (ECMC) in Buffalo, N.Y. ECMC and its long-term care at Terrace View facility got hit by a computer virus that prompted a computer system shutdown early Sunday. As of April 13th, they are still working on bringing their computer systems back online after a virus infected the system in the early hours of April 9.
The medical center expects to have the system back up and have full access to patient data tools within the next 72 hours, according to Peter Cutler, vice president of communications and external affairs at ECMC.
“We are focusing on restoring the patient-related sections of our computer system first,” Mr. Cutler says. “Over the next 72 hours we are doing a significant restoration of that portion of the system, so staff can start entering patient data. We are starting with our highest priority first.”
After being hit with the virus, ECMC officials decided to shut down the entire computer system to prevent further damage. However, the restoration process has begun, and officials expect patient data to be fully integrated into the system by April 15. The email system will also be up by then, according to a WGRZ report.
“There’s other aspects of the system that relate to some records and payroll information, things like that,” Cutler said. “But we have contingencies in place to continue to work through that circumstance.” Employees, he noted, will be paid on schedule.
A local television station reported, citing “sources,” that the cyber-attack unleashed “ransomware” on the hospital’s network. Cutler would not confirm the type of virus that attacked the hospital’s computers but said the investigation and the “sequential” restoration of other hospital computer systems are continuing.
Healthcare ransomware just keeps on coming
Healthcare is under attack as hackers use changing tools and techniques to access practice and patient data and hold it hostage, according to Beazley, a specialist insurer. Ransomware attacks handled by the company more than quadrupled in 2016, with nearly half of these attacks in the healthcare sector. Beazley expects these attacks to double again in 2017.
According to Beazley, organizations are particularly vulnerable to ransomware attacks during IT system freezes, at the end of financial quarters, and during busy shopping periods. Evolving ransomware variants enable hackers to methodically investigate targeted systems, selectively look at the most critical files, and demand higher ransoms to get them unencrypted.
“The threat from ransomware is not only growing but evolving to allow hackers to target vulnerable organizations and their most valuable data files and adjust ransom demands accordingly,” said Katherine Keefe, global head of Beazley Breach Response Services. “The sustained increase in these threats in 2016 indicates that even more organizations will be attacked in 2017 and need to have incident response plans in place before they get a ransomware demand.”
Unfortunately, the prognosis is not great!
The FDA is shifting its concern to a largely untargeted, yet vulnerable, area: medical devices. The FDA is concerned medical devices and the technology behind them do not offer enough cyber security. Terry Rice, vice president of IT risk management and chief information security officer at Merck & Co., discussed the vulnerabilities with the House Energy and Commerce Oversight and Investigations Subcommittee last week.
“Vulnerabilities in pacemakers and insulin pumps can be exploited to cause potentially lethal attacks and we have witnessed entire hospitals in the U.S. and U.K. shutting down for multiple days to combat ransomware infections in critical systems,” he said.
Both the FDA and device makers are adding cybersecurity experts to their team to improve security measures, according to Zach Rothstein, associate vice president at the Advanced Medical Technology Association.
“You’re starting to see FDA hire software experts so that internally they have more capabilities to evaluate cyber security programs of these companies,” he told The Hill.
This article was first published on CyberSec.Buzz.