How Big of a Problem Is Ransomware?

Software that holds patient data hostage in exchange for ransom is a threat providers must monitor.

• By David Kopf
• Feb 01, 2017

Ransomware is a “huge challenge,” according Jeremy Kauten, CIO and senior vice president of IT for VGM Group Inc.

“The FBI reports that payments for ransomware exceeded $1 billion in 2016,” he says. “Many security experts are claiming that in 2017 we will encounter ransomware 2.0, which is a term to describe the next level of ransomware attack that will be more sophisticated and damaging than what we are currently facing. An example of this is where a ransomware attacker will lock the files on a computer or network and require a fee to unlock the files (traditional ransomware), while a second attack will be locking the computer as well, requiring a second payment to unlock each computer.”

And Ransomware attacks often target healthcare businesses, because they data they hold is so private and important. This means the ransom can wind up being incredibly lucrative for cyber criminals.

“Ransomware is prevalent in the healthcare industry because hackers can get a premium price if they know lives are at stake, especially in a hospital ER where down systems mean lives could be at risk,” Kauten explains. “One defense to traditional ransomware attacks is to restore files from a backup, which can take hours to complete. Paying a fine is often less invasive when time is of the essence to repair the issues.”

But this isn’t isolated to large hospital systems or care organizations — it’s any health business. Kauten highlights that hackers are targeting the healthcare industry by searching healthcare databases and websites, which means that HME providers are just as likely to get targeted as any other healthcare provider.
“At Medtrade Fall 2016, after a cybersecurity presentation I did, several HME providers explained that they had been hit with ransomware attacks and were negatively impacted,” he says. “I have heard of the fees ranging from $200 to $20,000 to unlock the files.”

And Kauten underscores that just because you might not read about ransomware attacks in the news, you shouldn’t conclude that it is not a pertinent issue.

“Ransomware usually goes unreported,” he explains. “If a company pays a fee, they get their data back and typically move on as if nothing happened, since it does not normally make the news media. There are many claims that the Department of Health and Human Services (HHS) are now viewing ransomware as a breach. So it may be possible in the future that fines and notification requirements may apply to a ransomware attack.”

So the bottom line is that providers need to work now to protect themselves going forward.

“Ransomware will continue to be a major issue in the foreseeable future,” Kauten notes. “Hackers historically had to get paid from the underground black market through distribution for things like social security numbers and credit card numbers. Conducting business with other criminals and hackers isn’t as lucrative as receiving an instant payment from a legitimate business like a ransomware payment, which is paid by the victim to the hacker.”

This article originally appeared in the February 2017 issue of HME Business.