Digital hygiene

Hospitals must be prepared for ransomware attacks

Dr Krishna Chinthapalli, a neurology registrar at the National Hospital for Neurology and Neurosurgery in London, describes how a virus - or “ransomware” - infected and locked computers at the Hollywood Presbyterian Medical Center in Los Angeles hospital in February 2016.

What can hospitals do to prevent becoming hostages of hacker criminals? Digital...
What can hospitals do to prevent becoming hostages of hacker criminals? Digital hygiene is key, says Dr Krishna Chinthapalli, a neurology registrar at the National Hospital for Neurology and Neurosurgery in London.
Source: shutterstock/Maksim Kabakou

Rumours surfaced that the hospital was being held to ransom for $3.4m (£2.6m; €3.1m), though the hospital denied this. After 10 days the hospital paid a smaller ransom of about $17,000 to regain use of its computers. Hollywood Presbyterian was the first hospital to admit paying a ransom, writes Chinthapalli, but other US hospitals, in California, Indiana, Kentucky, Maryland, and Texas, were targeted in 2016. He points out that the number of ransomware attacks rose fourfold from 2015 to 2016, and so did the amount of money paid to hackers, to $1bn, according to the FBI. In the UK, a third of NHS trusts have reported a ransomware attack, he adds.

Chinthapalli argues that hospitals are ideal targets for ransomware companies. For instance, many use proprietary software that runs on ancient operating systems - and hold confidential patient information that can be sold to other criminals. As such, hospitals are probably more willing than other organisations to pay for quick recovery of their data.

So what can hospitals and their workers do, he asks? Digital hygiene - that is, keeping hardware and software as secure as possible - is essential, while frequent backups are also important. And when attacks do occur, the IT department must be informed quickly to isolate infected computers, he says. “We should be prepared: more hospitals will almost certainly be shut down by ransomware this year,” he concludes.

 

Source: The BMJ

15.05.2017

Read all latest stories

Related articles

Photo

IT security

What keeps a hospital’s immune system healthy?

‘You can’t get 100 percent security, you can’t avoid all risks – but you can improve security tremendously just by considering some rules,’ explains Torbjörn Kronander, Board member, CEO…

Photo

Hospital technology

IT security: The user perspective

‘From an IT perspective, medicine is now networked to a very large degree, no matter which departments you look at,’ says Stefan Bücken, IT Security Officer at Erlangen University Hospital,…

Photo

Protection

Hospitals need a holistic approach to cyber security

A number of organisations within healthcare remain at risk of leaving systems vulnerable by failing to ensure there is a broad range of protection in place to safeguard data from hackers or cyber…

Related products

Agfa - DX-D 40 detector

DR

Agfa - DX-D 40 detector

Agfa HealthCare
Agfa HealtCare – Dose

Dose Management Systems

Agfa HealtCare – Dose

Agfa HealthCare
Agfa HealtCare – Enterprise Imaging

Mobile RIS/PACS Viewer

Agfa HealtCare – Enterprise Imaging

Agfa HealthCare
Agfa HealthCare – DR 14e detector

DR Retrofit

Agfa HealthCare – DR 14e detector

Agfa HealthCare
Agfa HealthCare – DR 14s detector

DR Retrofit

Agfa HealthCare – DR 14s detector

Agfa HealthCare
Agfa HealthCare – DR 17e detector

DR Retrofit

Agfa HealthCare – DR 17e detector

Agfa HealthCare