FOX23 looks into why hospitals are targets for ransomware attacks | News | #ransomware | #cybercrime

TULSA, Okla. — FOX23 heard from a cyber security expert on the recent ransomware attack on Ascension hospitals including St. John in Tulsa.

“Most cyber criminal actors are profit motivated and they want to carry out attacks that will make them the most money. Often, ransomware attacks are highly lucrative,” said Tyler Moore, the chair of the School of Cyber Studies at the University of Tulsa.

It’s been exactly one week since the ransomware incident was first reported by Ascension. FOX23 told you how the hospitals like St. John in Tulsa is working on a manual document system until all of their software and data is restored.

Meanwhile, Ascension is working with the FBI on their investigation of the ransomware attack.

FOX23 learned what an attack on a hospital means and why this seems to be happening more and more.

“So a ransomware attack is when a cyber criminal gets into a business, like a hospital, and is able to take over some of the computers in that system, encrypt all of the information on those systems and just scramble them into indecipherable jumble,” Moore said.

With the recent attack on Ascension and the unclear timeline on when the hospital’s software will be restored, Moore said hospitals are an attractive target for cyber criminals.

“Well hospitals are frequent targets for ransomware attacks because they’re so devastated by them. You’ve got a hospital system that has to be available, operating 24/7, has medical providers, employees at the hospital to independent positions, to lots of third parties. They all need to be able to work these systems. They have patients coming in all hours day and night,” said Moore. “A Ransomware attack could bring those hospitals’ computer systems to a complete stop, which is a huge problem for a hospital because they need to be able to operate, but they can’t.”

Ascension reported the incident last Wednesday. Since then certain software like “MyChart” the patient portal has seen progress in the restoration work.

Ascension has started to send updates along with FAQ pages based on state or region. However, the hospitals said it’s not sure when the restoration process will be completed and what and whose data may have been breached.

“Well it can be long, unfortunately, even if the ransom was paid and the attacker were to decrypt the system, you have to be careful,” Moore said.

Moore said cyber criminals will keep a system encrypted or withhold the breached data until a ransom is paid, usually in an untraceable currency like bitcoin.

If the ransom is not paid, the criminal will not restore the system and will usually sell the data on the black market.

“What happens, as soon as it’s protected, as a precaution, the hospital will shut down access to these other systems, preventing them from being affected. So, if you’re a patient, what that means is you can’t access anything because the hospital has shut everything down, whether or not that particular system has been affected,” Moore said.

Hospitals like Ascension are larger network systems, which Moore said means more holes for a criminal to hack into and a greater profit if the attack is successful.

“When you look at the recent ransomware incidents that have happened in Tulsa you have Ascension St. John now, just a few months ago we had Hillcrest. Both of these hospitals are part of larger national health care systems. So the unfortunate reality is you have a system that has many hospitals, across many states, the attack surface is much bigger. So the likelihood of an attack like that succeeding is unfortunately much higher. It’s also more valuable for the criminal wanting to start the ransom,” Moore said.

Moore also said hospitals are a common target for ransomware attacks because they prioritize service and therefore a quicker reaction and potentially a quicker payout.

As for the investigation, it’s being headed by the FBI headquarters in St. Louis, who has not gotten back with FOX23 after reaching out.

Ascension hospitals in Green Country are all still open and functioning as usual, but are just on a manual documentation system, which could just mean longer wait times for walk-ins.

The hospital said if you have appointments for treatments or surgeries, still plan to show up to those like normal, unless they have personally contacted you.

Ascension has a full page to answer questions patients might have, which can be found by clicking here.

Source link


National Cyber Security