Last week, Dan Goodin of Ars Technica reported that LifeLabs—a specialty laboratory testing company based in Canada—was the victim of a recent cyberattack. On the first of November this year, LifeLabs reported a potential cyberattack, which was later confirmed to be real and one that resulted in 15 million customers having their data stolen, as mentioned in a recent statement by the Office of the Information & Privacy Commissioner for British Columbia (OIPC). Said data included everything from passwords to health information and the attackers demanded a ransom in exchange for restoring the data. To rub salt on the wound, LifeLabs ultimately released an open letter stating that they gave into the ransom demand. Dan Goodin observed that the open letter is absent of any information regarding the amount of the paid ransom. An enormous ransom could serve as a source of embarrassment and damage the reputation of a health service provider.
During the last four years, ransoms connected to cyberattacks have become a common trend. Part of this is due to public victories for hackers, using the LifeLabs incident as an example. Another factor is the rise of malware specifically created for ransoms, known as ransomware. Although the use of ransomware isn’t mentioned in the open letter or the statement, it makes ransom schemes significantly easier to carry out and often works by encrypting the victim’s data so that even if the malware had somehow been removed, data would still be lost because victims wouldn’t possess the key necessary for decryption.
Unfortunately, not only do hospitals have to treat infected patients, but the systems they need to treat their patients can be infected too. Since health-related data is critical and often time-sensitive, hospitals have proven to be popular targets for ransomware attacks. Examples would be the 10 targeted in Maryland in 2016, as noted by Sean Gallagher of Ars Technica. The nature of such attacks is worsened by the fact that hospitals deal with life-or-death scenarios. In 2016, CNBC reported that a hospital in Los Angeles became the victim of ransomware, thus forcing the transfer of emergency room patients to other hospitals. The ransom itself was reported to be equivalent of $3.7 million in Bitcoin—the currency of choice for hackers.
Many hospitals are victims of ransomware due to poor IT infrastructure. In 2016, Sean noted that “many hospitals still have computerized IV pumps, MRI machines, monitors, and other devices that are running on old, unpatched embedded OSes because the manufacturers have been slow to update them”. Tudor Drugan and Dan Istrate of Iuliu Haţieganu University of Medicine and Pharmacy suggest that the manufacturers decrease production costs and speed up product placement by foregoing any measures to ensure the security of their devices. Although forcing manufacturers to update their embedded OSes may not be feasible for hospitals and clinics, they can still take measures to prevent ransomware attacks. IT Modernization—such as that provided by SD Solutions, LLC—can reduce the likelihood of ransomware attacks. This is accomplished by updating the legacy systems that can be updated, replacing both old hardware and software, as well as ensuring that IT staff members receive proper training.