Next Level Ransomware: Why They Target Healthcare Industries?

Next Level Ransomware: Why They Target Healthcare Industries?

posted in Backup & Recovery ● 6 Sep 2016

In recent years there has been an influx of hospitals and medical institutions being targeted by ransomware. And the reason behind it is not because hospitals have tons of money…

The more ransomware – and the cybercriminals responsible for it – has evolved in recent years, the more we can see that the “code of conduct”[1] previously upheld by cybercriminals distributing ransomware is disappearing. Ransomware has gone from dark to really, really dark. Placing people in physical danger was never the intent of ransomware, but the wrong tool in the wrong hands can wreak havoc.

The main reason for cybercriminals targeting medical institutions is because hospitals have at their disposal vast amounts of patients’ data (medical histories, drug prescriptions, allergies, etc.) that they rely heavily on in order to provide them with the necessary care they need. And because patients’ lives are at stake when that data is being held hostage, cybercriminals have almost a 100% guarantee that they will receive their ransom money. It’s shocking to think that ransomware criminals would exploit the situation by placing medical care givers in such a state of desperation that they have no choice but to pay the ransom.

They’re After More Than Money

Unfortunately, the reasons behind hospitals and medical facilities being targeted gets more complex. The sensitive data mentioned before is quite a valuable commodity on the cyber black markets. Medical histories, patient information and drug prescriptions are more sought after and more valuable than even credit card information. So when the ransomware has encrypted the data of the targeted healthcare facility, it has probably already stolen the information too, placing the ransomware criminals in a position of power: they already have what they want and what is to stop them from demanding more ransom, or worse, deleting all the data?

A Good Reason Not to Pay the Ransom

This horrific exploitation of human desperation is a very good reason not to pay for the ransomware decryption key and stop granting cybercriminals the flourishing business opportunity which is ransomware. Unfortunately, when faced with the decision between life and paying ransom one can see the logic behind giving the criminals what they want. This perpetuates the ransomware market and encourages criminals that easy money can be made by peppering healthcare industries with ransomware.

So What Should Be Done?

Once again this brings us back to the fact that a comprehensive backup strategy and disaster recovery plan is really the only fail-safe method of surviving a ransomware attack. Most hospitals not only pay the ransom because they have no other choice but they also pay because of time constraints. They believe that data restores, or even a full system restore, would take longer to get the data back than paying the ransom. So if someone’s life is at stake, the quickest method becomes a no-brainer.

However, reputable backup service providers that aim to be market leaders in data protection and recovery should heed this need for instant access to backed up data and seize the opportunity to provide such features in their software. This type of immediate restore should be a compulsory for all industries that would suffer if access to their data is denied.

If your current backup service provider can’t accommodate instant access to your data, perhaps it is time to change.


[1] Don’t be too surprised, even pirates had a code back in the day.  

Benefits of Outsourced Data Backup

What are the advantages of outsourced data backup?

There are many reasons that businesses and their IT teams may weigh up the option to backup and protect data with an inhouse solutions versus outsourcing data backup.

Continue reading
Cyber-Criminals Targeting Schools

What can schools do about being soft targets for cyber-criminals?

Cyber-criminals are increasingly viewing education institutions as easy prey. No surprise then that the UK’s National Cyber Security Centre (NCSC) recently warned of a spike in the targeting of schools, universities and colleges.

Continue reading
Data Protection for Google Outages

Google outage is a data protection wake-up call for businesses

The majority of Google services went down yesterday, leading to widespread disruption all around the world. Users were left waiting for almost an hour before hearing they could regain access. 

Continue reading