It’s a story similar to many others that have been taking place over the last few years. Employees and executives come into their place of business like any other day, only to realize that the critical data they need to do their jobs is locked away under the watchful eyes of cybercriminal encryption.
Kansas Heart Hospital’s ransomware experience was an echo of many other companies’ breach narratives at the beginning; however, this story took a turn for the worse. While an unfortunate incident for the hospital, this case does shine a bright light on some valuable lessons that the health care industry as a whole should take note of.
Kansas Heart Hospital is just the most recent victim in a long line of data breaches that have taken place in this sector. According to HealthcareITNews, the health care institution was hit with a ransomware infection that left employees without access to certain important information until a ransom – typically requested in the form of untraceable Bitcoin – was paid. While the exact amount was not specified, Kansas Heart Hospital president Greg Duick confirmed that the organization did send money to cybercriminals, noting that it was only “a small amount.”
However, the attackers did not unlock the files and data as promised, and Kansas Heart did not regain access to its information after the ransom was paid.
“Kansas Heart Hospital discovered that paying a ransom does not necessarily result in viable decryption keys being provided,” HIPAA Journal noted. “Rather than supplying the keys to unlock the data as promised, the attackers decided to try to extort more money from the hospital and a second ransom demand was issued.”
Instead of sending additional funds, however, Duick and other hospital executives elected not to pay this subsequent ransom.
“[T]he policy of the Kansas Heart Hospital in conjunction with our consultants, felt no longer was this a wise maneuver or strategy,” Duick said in a statement, according to HIPAA Journal.
So where does this leave the hospital, its patients and its critical information? As one can probably guess, the hackers responsible for this attack – which Duick thinks is an offshore operation, HealthcareITNews noted – did not unlock the institution’s files or data. Currently, the hospital is working to restore this information from its backup files.
“Kansas Heart Hospital did have a ransomware emergency plan in place which was triggered following the attack, although not before the infection had spread,” HIPAA Journal reported.
Duick noted that even with this set of procedures in place, the infection still managed to become “widespread throughout the institution.”
By no means was Kansas Heart Hospital the first victim of its kind, and it surely will not be the last. If the rash of ransomware attacks that have taken place over the last few years has taught us anything, it’s that any organization in any industry – particularly health care – can fall victim to an attack that results in a data breach.
However, this case does provide a few key lessons that other hospitals should pay close attention to, including: