The largest medical cyberattack in U.S. history may have occurred last week. CommonSpirit Health is suffering at the hands of a not-yet-identified ransomware group. The number of medical records affected could be as high as 20 million.
Read on to learn more, including why healthcare is under attack and the steps to take if your medical record is leaked.
The largest medical cyberattack in US history?
CommonSpirit Health is the nation’s fourth-largest hospital system with 142 hospitals in 21 states.
CommonSpirit Health’s Statement
Over the course of this past week, we have been managing a response to a cyberattack that has impacted some of our facilities. Patients continue to receive the highest quality of care, and we are providing relevant updates on the ongoing situation to our patients, employees and caregivers. Patient care remains our utmost priority and we apologize for any inconvenience this matter has created.
As previously shared, upon discovering the ransomware attack, we took immediate steps to protect our systems, contain the incident, begin an investigation and ensure continuity of care.
Our facilities are following existing protocols for system outages, which include taking certain systems offline, such as electronic health records.
In addition, we are taking steps to mitigate the disruption and maintain continuity of care.
To further assist and support our team in the investigation and response process, we engaged leading cybersecurity specialists and notified law enforcement.
We continue to conduct a thorough forensics investigation and review of our systems and will also seek to determine if there are any data impacts as part of that process.
Systems serving Dignity Health and Virginia Mason Medical Center have had minimal impacts on operations from this incident. For the other parts of our health system that have seen impacts on operations, we are working diligently every day to bring systems online and restore full functionality as quickly and safely as possible.
Central to our decision-making has been and will continue to be our ability to carry out our mission in a manner that is safe and effective to those we serve. At CommonSpirit Health, we are dedicated to meeting the needs of the communities we serve and are guided by our core set of values, which include integrity, excellence, and collaboration. We are grateful to our staff and physicians who are doing everything possible to mitigate the impact to our patients and ensure continuity of care.
The CommonSpirit ransomware attack impact area
Subsidiaries of CommonSpirit affected by the attack include CHI Health facilities in Nebraska and Tennessee, MercyOne Des Moines Medical Center, Houston-based St. Luke’s Health and Michigan-based Trinity Health System. As stated above, Dignity Health and Virginia Mason Medical Center have had minimal impacts on operations from this incident.
5 reasons why healthcare is a target for ransomware
Healthcare organizations are more exposed to cyberattacks than most other industries. The reasons why financially motivated ransomware crews and state-backed advanced persistent threat (APT) groups actively target covered entities, such as healthcare providers, pharmaceutical companies, and medical research organizations, likely include the following:
- Medical records are valuable on the black market and can fetch up to $1,000 per record, because they carry identity, insurance and financial details that cannot simply be reissued the way a card number can.
- Healthcare may be more likely to pay ransoms to get systems and data back because lives hang in the balance when clinical systems are down.
- The attack surface is large (networked medical devices, legacy systems, many third-party integrations) and often left unpatched.
- Untrained or overworked staff are prone to errors such as opening a malicious attachment.
- Lax security: a healthcare organization may view cybersecurity as an expense, even though that expense is small compared to what the organization stands to lose in a data breach.
How do ransomware attacks happen?
Phishing email is the most common delivery method for ransomware. The message carries a malicious attachment (often a macro-enabled Office document or an archive) or a link to one, disguised as something the recipient expects, such as an invoice or a shared file. Opening the attachment or following the link runs a small loader that downloads and executes the ransomware payload.
Once running, the malware encrypts the victim’s files, usually with a fast symmetric cipher, and appends a new extension to each encrypted file’s name so that affected files are easy to identify; the renaming itself is not what makes them unreadable. The per-file keys are in turn encrypted with a public key whose private half only the attacker holds, so the files cannot be decrypted without the attacker’s cooperation unless the implementation is flawed or the key leaks. Finally, a ransom note is dropped in the affected folders explaining that the files can only be restored by paying the attackers. Many current groups also copy data out of the network before encrypting it and threaten to publish it, which is why patient records can end up leaked even when backups allow the organization to recover.
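The sequence described above (a phishing document launching a loader, a burst of files renamed with an appended extension, a ransom note dropped alongside them) is exactly what endpoint telemetry shows while an attack is under way, and each stage can be caught with simple rules. The following detector is an added example, not code from the original article, from CommonSpirit or from Paubox. It runs three rules over a constructed file-event log whose format, process names, thresholds and paths are all assumptions chosen for illustration; real telemetry from Sysmon, auditd or an EDR agent has a different shape but carries the same fields.

```python
"""Detect ransomware behaviour in a file-event log (added example).

Log format (assumed for this example): ISO timestamp, process name,
action (OPEN | SPAWN | CREATE | RENAME), then a path or 'old -> new'.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: an Office document spawns a loader from Temp,
# the loader renames patient files with an appended '.lockd' extension,
# then drops a ransom note.  The last two lines are benign noise.
SAMPLE_LOG = """\
2022-10-03T08:00:01 winword.exe OPEN C:\\Users\\nurse\\Downloads\\invoice.docm
2022-10-03T08:00:04 winword.exe SPAWN C:\\Users\\nurse\\AppData\\Local\\Temp\\upd.exe
2022-10-03T08:00:09 upd.exe RENAME C:\\Shares\\ehr\\pt001.pdf -> C:\\Shares\\ehr\\pt001.pdf.lockd
2022-10-03T08:00:09 upd.exe RENAME C:\\Shares\\ehr\\pt002.pdf -> C:\\Shares\\ehr\\pt002.pdf.lockd
2022-10-03T08:00:10 upd.exe RENAME C:\\Shares\\ehr\\pt003.pdf -> C:\\Shares\\ehr\\pt003.pdf.lockd
2022-10-03T08:00:10 upd.exe RENAME C:\\Shares\\ehr\\pt004.docx -> C:\\Shares\\ehr\\pt004.docx.lockd
2022-10-03T08:00:11 upd.exe RENAME C:\\Shares\\ehr\\pt005.docx -> C:\\Shares\\ehr\\pt005.docx.lockd
2022-10-03T08:00:12 upd.exe RENAME C:\\Shares\\ehr\\pt006.jpg -> C:\\Shares\\ehr\\pt006.jpg.lockd
2022-10-03T08:00:13 upd.exe RENAME C:\\Shares\\ehr\\pt007.jpg -> C:\\Shares\\ehr\\pt007.jpg.lockd
2022-10-03T08:00:14 upd.exe RENAME C:\\Shares\\ehr\\pt008.xlsx -> C:\\Shares\\ehr\\pt008.xlsx.lockd
2022-10-03T08:00:15 upd.exe CREATE C:\\Shares\\ehr\\README_RESTORE.txt
2022-10-03T09:30:00 explorer.exe RENAME C:\\Users\\nurse\\notes.txt -> C:\\Users\\nurse\\notes_old.txt
2022-10-03T23:00:00 backup.exe RENAME C:\\Backups\\db.bak -> C:\\Backups\\db.bak.old
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<proc>\S+) (?P<action>OPEN|SPAWN|CREATE|RENAME) (?P<rest>.+)$")
NOTE_RE = re.compile(r"(readme|restore|decrypt|recover|how_to)", re.IGNORECASE)
OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}  # assumed list

RENAME_THRESHOLD = 5          # appended-extension renames by one process ...
WINDOW = timedelta(seconds=60)  # ... within this window trigger an alert


def parse(log_text):
    """Turn log lines into event dicts; lines that do not match are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ev = {"ts": datetime.fromisoformat(m["ts"]), "proc": m["proc"], "action": m["action"]}
        if m["action"] == "RENAME":
            ev["old"], ev["new"] = m["rest"].split(" -> ", 1)
        else:
            ev["path"] = m["rest"]
        events.append(ev)
    return events


def appended_extension(old, new):
    """Return 'lockd' for 'x.pdf' -> 'x.pdf.lockd'; None for an ordinary rename."""
    if new.startswith(old + ".") and len(new) > len(old) + 1:
        return new[len(old) + 1:]
    return None


def detect(events):
    """Apply the three rules and return a list of findings."""
    findings = []
    renames = defaultdict(list)  # (process, appended extension) -> timestamps
    for ev in events:
        if ev["action"] == "RENAME":
            ext = appended_extension(ev["old"], ev["new"])
            if ext:
                renames[(ev["proc"], ext)].append(ev["ts"])
        elif ev["action"] == "CREATE" and NOTE_RE.search(ev["path"].rsplit("\\", 1)[-1]):
            findings.append({"rule": "ransom_note", "proc": ev["proc"], "path": ev["path"]})
        elif ev["action"] == "SPAWN" and ev["proc"].lower() in OFFICE_APPS:
            findings.append({"rule": "office_spawn", "proc": ev["proc"], "path": ev["path"]})
    # Sliding window: largest number of appended-extension renames by one
    # process to one extension inside WINDOW.  A single 'db.bak -> db.bak.old'
    # by a backup job stays below the threshold.
    for (proc, ext), stamps in renames.items():
        stamps.sort()
        best = start = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > WINDOW:
                start += 1
            best = max(best, end - start + 1)
        if best >= RENAME_THRESHOLD:
            findings.append({"rule": "mass_rename", "proc": proc, "ext": ext, "count": best})
    return findings


def analyze(log_text):
    return detect(parse(log_text))


if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG):
        print(f)
```

The mass-rename rule fires after five files, well before the loader finishes a share, which is the point: blocking the process at that moment limits the damage to a handful of files. The thresholds are starting points, not tuned values; a real deployment would exclude known backup and archiving processes and test the rule against a week of normal traffic before alerting on it.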
Are foreign governments targeting the U.S. healthcare system?
Anne Neuberger, U.S. Deputy National Security Advisor, stressed the growing threat of foreign cyberattacks, citing U.S. government reports that identify specific “preparatory activity” targeting U.S. companies and critical infrastructure.
Further, the U.S. Department of Justice has charged a North Korean regime-backed programmer with conspiracy in connection with the destructive WannaCry 2.0 ransomware attacks.
“Security needs to be top of mind for every company. Email security is the number one cause of breaches,” Paubox customer Eli Golden, Director of IT at The Jellyvision Lab, explains. “Attackers are getting smarter, and while we train our staff thoroughly with simulated attacks and live sessions, it’s best to have as much protection as possible.”
Healthcare executives rank ransomware as the #1 threat
A recent survey of 132 healthcare executives ranked ransomware as the number one cybersecurity threat, ahead of data breaches and insider threats, according to the Health Information Sharing and Analysis Center (Health-ISAC), a nonprofit global cyberthreat forum for the healthcare industry.
Take these 7 steps if your medical record is breached
- File a police report
- File a report with the FTC
- Inform your insurer
- Get copies of your medical record
- Notify the three credit bureaus
- Ask for corrections
- Use strong passwords and 2FA or MFA on your accounts
Are you in healthcare and concerned about digital security?
Paubox secures nearly 70 million HIPAA compliant emails each month for more than 4,000 healthcare customers and holds a 4.9/5 rating on G2.
Whether you are a large hospital or a standalone clinic, Paubox has the right email product to keep your data and organization HIPAA compliant and secure.