December 16, 2016
Healthcare organizations understand that network uptime is a critical (if not the most critical) component to organizational success in today’s digital age. Networks allow for electronic health records (EHR) to be accessed, life-critical applications to be run, and research to be conducted.
Cybercriminals also understand that all of these things are true, which puts the industry near the top of their lists of targets and why we’ve recently seen an uptick in DDoS and ransomware-related attacks making headlines and putting the industry on high alert.
Let’s take a closer look at some of the ways DDoS and ransomware attacks have been used against the industry and why healthcare organizations are on the lookout.
1. DDoS Attack on the Internet of Things
The Internet of Things (IoT) has the technical capabilities to bring patient care and the healthcare industry’s operational efficiency to new heights. However, like we’ve mentioned in previous posts, as the digital landscape grows, so too do the number of vulnerabilities.
In fact, the IoT very recently experienced what is being called one of the largest DDoS attacks ever conducted. The attack hijacked more than 100,000 Internet-connected devices, including webcams and routers, and used them to overwhelm a major internet service provider them with useless data. As a result, many major websites were brought offline.
The cybercriminals that conducted the attack identified weaknesses in the IoT devices (manufacturer passwords that had not been reset), which has many within the healthcare industry worried their devices could be next.
Potential impact on healthcare: Many of today’s Internet of Medical Things (IoMT) devices are created with convenience and usability at the top of mind. It’s important for those in the healthcare industry to understand that putting security in the backseat could open the door for attackers to target devices with DDoS attacks that could knock entire organizations offline.
2. DDoS Attack on Hospital Website
The rise of attacks on IoT devices does not spell the end for “classic” DDoS attacks that directly target websites. There have been a number of recent DDoS attacks on healthcare organizations, but one attack back in 2014 comes to mind before most others.
One of the largest children’s hospitals in the country was the target of a DDoS attack over a seven-day timespan. The hospital’s website was unreachable at the time, and even worse, research and day-to-day operations at the hospital were slowed to a near halt.
To prevent the attackers from accessing sensitive patient data, the hospital shut down a large portion of its network. Before all was said and done, the hospital had paid hundreds of thousands of dollars to mitigate and respond to the attack.
Potential impact on healthcare: Downtime in the healthcare industry can be life-threatening. When DDoS attacks knock websites and networks offline, hospitals are unable to access electronic health records, conduct research, control IoMT devices, and more.
Healthcare organizations need to ensure they have incident response plans in place should an attack take them offline.
3. Ransomware Attack on Hospital
In addition to DDoS attacks on hospital networks and their IoMT, the healthcare industry is also being strongly targeted by ransomware attacks. Rather than flooding a server with web traffic to bring it down, these attacks encrypt network devices and data, and the cybercriminals behind the attacks demand a sum of money to “unlock” them.
A ransomware attack in the spring of 2016 was conducted on a regional hospital and the cybercriminals asked for more than $15,000 in Bitcoin currency to restore control. Weakly protected web app servers were reportedly the attackers’ primary entry points, and from there malicious code was implemented across the network.
Potential impact on healthcare: Cybercriminals are aware that hospitals and other healthcare organizations are heavily-reliant on internet connectivity and access to EHRs. With this in mind, ransomware attacks will likely continue to be conducted, with cybercriminals hoping organizations will continue to give in to their financial demands.
How Healthcare Organizations Can Protect Against DDoS and Ransomware Attacks
As seen with the examples just mentioned, DDoS and ransomware attacks are becoming some of the most common and dangerous threats healthcare IT teams face today. As these threats continue to evolve, organizations need to invest in DDoS protection solutions that are just as dynamic.
Let’s get a conversation going on Twitter! How do you think today’s healthcare industry can better protect itself against DDoS and ransomware attacks?