Healthcare News & Insights

Ransomware: Hospital pays up – but still can’t access files

The problem of ransomware hasn’t gone away for hospitals. In fact, it’s continued to rise. Worse, cyberattackers have gotten trickier, and they’re demanding more of hospitals than ever before. 

In the past, rather than deal with the hassle of recruiting IT experts to decrypt their data, hospitals and other companies have paid the ransom demanded by the hackers to receive access to their files again.

One hospital tried that strategy when faced with a ransomware attack, and things didn’t end the way it hoped.

According to an article from IT Manager Daily, Kansas Heart Hospital got hit with a ransomware demand, so it decided to pay the hackers an undisclosed amount described as “small” to avoid the hassle of data retrieval.

But the hackers didn’t live up to their end of the bargain. Instead of restoring Kansas Heart’s access to all its files, they demanded more money from the facility. The hospital refused to pay the second ransom, and it’s now dealing with the fallout.

Fortunately, the cyberattack didn’t disrupt the hospital’s daily operations, and no patient information was in danger of being compromised. Officials from Kansas Heart said that the facility had a plan in place for ransomware attacks, and it went into effect right when the malware first infected its system, which minimized any damage.

According to Kansas media outlet KWCH 12, the facility is currently working with its in-house IT staff, along with outside security experts, to restore access to the encrypted files.

Effect on attack trend

Not only are ransomware attacks becoming more common, hackers are becoming greedier.

But the refusal of these criminals to honor the deal with Kansas Heart may end up decreasing the number of ransomware attacks in the long run.

Here’s why: Hospitals and other organizations might be less likely to pay now that they’ve seen how the hackers don’t always keep their word.

Creating a strategy

Regardless of whether the trend starts to decline, hospitals still need to have a plan in place to address ransomware attacks. After all, it only takes one tech-savvy criminal to cripple your operations.

Your facility will need a strategy covering everything from how to communicate with cybercriminals once a ransomware attack happens to the best procedures for locking down patients’ protected health information (PHI) so it can’t be accessed by outsiders.

The plan must be compatible with your hospital’s current situation. Some larger facilities may decide that it’s worth the risk to just pay the ransom. While many experts discourage this practice, both to avoid situations like the one plaguing Kansas Heart and to discourage copycat attacks, some organizations, including the FBI itself, say it might be the best move under certain circumstances.

Whatever approach your hospital chooses, it’s essential that it includes the regular backup and encryption of network files. That way, should a hacker strike, your facility won’t be lost without access to the information in patients’ medical records and other key details.

Not only will that make daily operations easier while dealing with a ransomware attack, it’ll also make it less likely that rash decisions will be made in a panic during negotiations with hackers to restore data.
