Federal Agencies Warn Health Care and Public Health Sector of Ransomware Threat

Hamilton Barber
Maynard Nexsen
Contact
LinkedIn
Facebook
X
Send
Embed

Nexsen Pruet, PLLC

As hospitals and healthcare providers/systems (collectively, “Healthcare Providers”) across the nation have been reacting to spiking COVID-19 cases, an increased, imminent cybercrime threat targeting Healthcare Providers has emerged—ransomware. Ransomware is a distinct type of malware (malicious software) that attempts to deny victims access to their data until a ransom is paid.

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Department of Health and Human Services (HHS) have released a joint cybersecurity advisory that describes a particular kind of ransomware (Ryuk) aimed at extorting money from Healthcare Providers. The advisory urges Healthcare Providers to take precautions to protect their networks from these emerging threats, detailing best practices for protecting against and responding to ransomware attacks.

Alex Holden, CEO of Hold Security, has indicated the group of cybercriminals demanding these ransoms have been requesting more than $10 million per target and discussing a plan to infect more than 400 Healthcare Providers. CISA, FBI, and HHS recommend against paying such ransoms since paying ransoms do not guarantee Healthcare Providers will recover their files.

According to recent news reports, ransomware attacks have in recent weeks affected several Healthcare Providers, including, but not limited to, Dickinson County Healthcare System (Michigan); St. Lawrence Health System (New York); Sky Lakes Medical Center (Oregon); and Universal Health Services (Most U.S. States), which is one of the largest health systems in the United States. Healthcare Providers of all sizes should take this threat serious, whether a large health system or a 2-physician practice. Brett Callow, an analyst at the cybersecurity firm Emsisoft, has indicated there have been almost 60 ransomware attacks on Healthcare Providers so far this year, “disrupting patient care at up to 510 facilities.”

Aside from the loss of access to data, ransomware attacks on Healthcare Providers pose a very real threat to patients; a ransomware attack contributed to the death of a patient in Germany who was unable to receive emergency room service at a nearby hospital because of the ransomware attack. To minimize service disruptions due to these kinds of cyberattacks, Healthcare Providers should maintain business continuity plans so that they can continue functioning despite a cyberattack.

HHS has published cyber security and ransomware guidance to assist Health Insurance Portability and Accountability Act (HIPAA) covered entities and business associates  better understand and respond to cyber threats. Healthcare Providers covered under HIPAA should review this guidance. Healthcare Providers should also review their cyber insurance policies to make sure they have adequate coverage to protect them against these kinds of cyber threats.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Maynard Nexsen | Attorney Advertising

Written by:

Maynard Nexsen
Maynard Nexsen
Contact
more
less

Maynard Nexsen on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide