Ransomware Strikes Hospitals, Clinical Laboratories, and Medical Clinics without Warning and Is Now a Major Threat to all Healthcare Organizations
Across the nation, healthcare attorneys and others report that ransomware attacks are happening weekly, and that once providers’ data systems are encrypted, they have few options to regain control of their information systems
Ransomware is now the single biggest threat to your hospital, clinical laboratory, and anatomic pathology group’s ability to operate a viable business. Few practice administrators and managers are fully aware of this threat. And yet, many still have not taken even basic steps to protect their organizations from ransomware attacks.
Encryption attacks that shut down a hospital or lab’s information services come without warning, rendering the provider unable to access electronic healthcare records (EHRs), to schedule appointments, or conduct most other normal business activities.
Further, negotiating with the ransomware attackers to obtain a de-encryption key can take weeks. During that time, the hospital or lab cannot access its essential information systems and that disrupts or even stops patient care.
Think this cannot happen to your hospital or lab? Think again.
Just this spring, Scripps Health of San Diego was hit with a ransomware attack. Key information systems were encrypted, and it did not take patients long to notice that they could not email their physicians, access their medical records, or see their test results.
The ransomware attack became the headline story on the San Diego nightly news. Scripps would only admit that many essential information systems had been encrypted and that the organization was using paper to conduct business.
The ransomware attack on Colonial Pipeline of Houston, which took place one week after the Scripps Health attack, also became global news. Colonial Pipeline supplies gasoline and similar fuels to 14 states—from Georgia in the South to New York and New Jersey in the North. Dark Daily readers living along the Atlantic Coast personally experienced the shortage of gasoline in their communities because of the ransomware attack on Colonial Pipeline.
No Ransom Payment, No De-encryption Key
Ransomware is probably the single biggest threat to every hospital and every clinical lab in this country. But few healthcare organizations are taking the essential steps needed to make their information systems more resistant to an encryption attack. Even fewer hospitals and labs have policies or procedures in place that outline how management should react when an encryption attack is first discovered. Yet these attacks are hitting medical providers every week across the US.
Dark Daily surveyed several major law firms that have sizeable healthcare practices. Each firm stated it is contacted weekly by one or more hospitals, labs, and medical clinics that have had their digital systems encrypted, followed by a demand for ransom. The healthcare providers were told by the hackers that if they did not pay the ransom, they would not receive the de-encryption key required to bring their software, apps, and digital systems back into service.
“This is the biggest story in healthcare, yet it gets little attention,” stated Robert L. Michel, Editor-in-Chief of Dark Daily’s sister publication The Dark Report. “The reason why you don’t read more news stories about ransomware attacks on hospitals and labs is simple. If it becomes known that a hospital or a lab paid ransom to obtain the de-encryption key needed to restore access to its information systems, that encourages other hackers to attack the organization as well, since the hackers know the organization will pay the ransom. They figure if the provider paid the ransom once, the same provider will likely pay it again.”
Payment of Ransom Does Not Guarantee Restoration of Critical Systems
As bad as a ransomware attack on a hospital, lab, or a medical clinic can be—it can get worse. “Experts involved in helping hospitals and labs respond to a ransomware attack say there is no guarantee the de-encryption key provided by the hackers after payment of ransom will restore access to the encrypted systems,” Michel noted. “We hear reports of hospitals and labs that spent more on their efforts to bring the encrypted systems back online and functioning than they did on the actual ransom.”
To help laboratory managers, CIOs, IT directors, safety and compliance officers, and anatomic pathology laboratory managers and administrators better understand the legal issues triggered by—and your obligation in response to—a ransomware attack, Dark Daily is conducting “Ransomware Protection and Response for Clinical Labs, Hospitals, and Pathology Groups: Effective Steps for Protecting Your LIS, EHR, and Other IT from an Encryption Attack,” on Thursday, August 19, 2021, from 1-2:30 pm Eastern.
This is a must-attend webinar—not only for you—but for everyone in your hospital, health system, or clinical laboratory who will be working to prevent ransomware attacks, or who is involved in restoring digital services following such an attack.
Two experts who are contacted each week by multiple hospitals, labs, and medical clinics that were attacked, had their digital systems encrypted, and received a ransom demand for hundreds of thousands—even millions—of dollars from hackers, will be sharing their knowledge and experience in the legal implications of—and the recovery from—ransomware attacks.
The panelists (above) are:
- Emily Johnson, JD (left), Member, McDonald Hopkins in Chicago.
- Paul Caron (right), Senior Director, Incidence Response, Arete Incidence Response, of Miami.
Johnson and Caron will cover best practices designed to provide crucial training and decision-making skills for handling a ransomware attack on hospital and health system clinical laboratories and anatomic pathology practices. These best practices include:
- Legal issues triggered by a ransomware attack: What to do when an incident is a breach and when it is not.
- Your obligations in response to a ransomware attack: HIPAA privacy and other regulatory rules, contractual arrangements (e.g., reference labs), and crisis communication to patients and other stakeholders.
- Responding to and negotiating with ransomware perpetrators—including the expected “etiquette” in dealing with cybercriminals—and collaborating with consultants who are experienced in how to deal with ransomware demands.
- And much more.
The roundtable discussion will help you understand how a security incident can occur with or without a breach of protected health information (PHI). Johnson and Caron also will discuss how knowing what to do in each scenario is essential to reducing collateral damage to both patients and your organization, and how to educate your hospital, lab and the broader medical community to address—both proactively and in response—the surging risk of ransomware attacks.
Act now to guarantee your place at this critical webinar. Click HERE to register, or copy and paste the URL https://info.darkdaily.com/ransomware-protection-response-for-clinical-labs-hospitals-and-pathology-groups into your browser.
And because so many healthcare administrators, physicians, and pathologists are working remotely, Dark Daily has arranged special group rates for hospitals, practices, and physicians that would like their essential leaders to participate in this important webinar and roundtable discussion on protecting against—and recovering from—ransomware attacks.
Inquire at email@example.com or call 512-264-7103.