It seems like healthcare industry has become the new favorite target of ransomware operators. In the past two years alone, some noteworthy ransomware attacks have occurred, targeting different healthcare facilities all over the world.
Last year, UK’s National Health Service became the target of SamSam ransomware attack. This year, Allscripts, a third-party healthcare service provider in the US, became the victim of ransomware attack. Meanwhile, an Australian health insurance company has also made it to the headlines as a ransomware victim.
It is important to understand that such attacks are really devastating for establishments dealing with healthcare affairs. Even if they complete their ransomware removal activities in the quickest possible manner, they still have to suffer from a considerable amount of downtime.
We have seen it in the case of Allscripts. The company has completed its ransomware removal and recovery activities within two days after the attack. However, they still had to suffer from six days of downtime.
RISE is a healthcare facility based in Wisconsin formed by a community partnership. On June 7, the company reported that they had suffered a ransomware attack in which Patient Health Information (PHI) of more than 3,500 individuals was compromised.
PHI is a crucial piece of information that can be considered confidential. Name, address, SSN, date of birth and medical information of an individual constitute this record. This means with the attack, ransomware operators got the access to the confidential information of thousands of patients.
The administration of the facility found out about the attack on the following day. They immediately took their system offline and contacted law enforcement agencies and forensic experts. The company hasn’t clarified whether they did ransomware removal activities on own or paid the attackers to get the decryption key.
Following the attack, RISE has offered free identity protection services to all the individuals whom PHI records have been compromised in the attack. In a press release, the company has also reassured the clientele that it is going to streamline the security of networks and will introduce training courses for the staff to get accustomed to ongoing cyber threats.