News

Next Level Ransomware: Why They Target Healthcare Industries?

Tue, 06/09/2016 - 15:27
Data Backup

In recent years there has been an influx of hospitals and medical institutions being targeted by ransomware. And the reason behind it is not because hospitals have tons of money…

The more ransomware – and the cybercriminals responsible for it – has evolved in recent years, the more we can see that the “code of conduct”[1] previously upheld by cybercriminals distributing ransomware is disappearing. Ransomware has gone from dark to really, really dark. Placing people in physical danger was never the intent of ransomware, but the wrong tool in the wrong hands can wreak havoc.

The main reason for cybercriminals targeting medical institutions is because hospitals have at their disposal vast amounts of patients’ data (medical histories, drug prescriptions, allergies, etc.) that they rely heavily on in order to provide them with the necessary care they need. And because patients’ lives are at stake when that data is being held hostage, cybercriminals have almost a 100% guarantee that they will receive their ransom money. It’s shocking to think that ransomware criminals would exploit the situation by placing medical care givers in such a state of desperation that they have no choice but to pay the ransom.

They’re After More Than Money

Unfortunately, the reasons behind hospitals and medical facilities being targeted gets more complex. The sensitive data mentioned before is quite a valuable commodity on the cyber black markets. Medical histories, patient information and drug prescriptions are more sought after and more valuable than even credit card information. So when the ransomware has encrypted the data of the targeted healthcare facility, it has probably already stolen the information too, placing the ransomware criminals in a position of power: they already have what they want and what is to stop them from demanding more ransom, or worse, deleting all the data?

A Good Reason Not to Pay the Ransom

This horrific exploitation of human desperation is a very good reason not to pay for the ransomware decryption key and stop granting cybercriminals the flourishing business opportunity which is ransomware. Unfortunately, when faced with the decision between life and paying ransom one can see the logic behind giving the criminals what they want. This perpetuates the ransomware market and encourages criminals that easy money can be made by peppering healthcare industries with ransomware.

So What Should Be Done?

Once again this brings us back to the fact that a comprehensive backup strategy and disaster recovery plan is really the only fail-safe method of surviving a ransomware attack. Most hospitals not only pay the ransom because they have no other choice but they also pay because of time constraints. They believe that data restores, or even a full system restore, would take longer to get the data back than paying the ransom. So if someone’s life is at stake, the quickest method becomes a no-brainer.

However, reputable backup service providers that aim to be market leaders in data protection and recovery should heed this need for instant access to backed up data and seize the opportunity to provide such features in their software. This type of immediate restore should be a compulsory for all industries that would suffer if access to their data is denied.

If your current backup service provider can’t accommodate instant access to your data, perhaps it is time to change.



[1] Don’t be too surprised, even pirates had a code back in the day.  

Recent Articles

Redstor_Ransomware_Typewriters_blog Ransomware

Latest Ransomware Attacks Leave Organisation Working On Typewriters

Ransomware is a threat to all organisations and has been prevalent for a number of years. Although recent reports suggest that organisations are no... read more

August 09, 2018
Redstor_Reddit_blog Ransomware

Two-factor Becomes Hack-factor In Reddit Attack

The last few years have seen a number of high profile hacks, each growing in complexity and affecting masses of people. Strains of ransomware have... read more

August 07, 2018
Redstor_Dixons_super-breach_blog Disaster Recovery

Dixons Breach Becomes Super-breach Following Review

Earlier this year high street electronics firm Dixons Carphone revealed that a data breach had occurred the previous year, effecting over 1 million... read more

August 02, 2018