• Increase Font

    How to protect equipment from ransomware attacks

    The devices that reveal the inner workings of the human body can also expose healthcare organizations to lethal attacks by hackers who use medical equipment to infect computer systems with ransomware.

    Ransomware—the insidious software that locks up data and enables hackers to demand financial payments to release it—has evolved during the past decade into a sophisticated, multi-billion dollar crime ring. This is evidenced by the WannaCry attack earlier this year that affected 200,000 Microsoft Windows-based machines in more than 150 countries.

    According to a report released by the U.S. Department of Homeland Security, the healthcare field remains one of the richest targets for ransomware attacks because of its need for immediate access to patient records.   

    But how does a ransomware infection make the leap from medical devices like MRIs into the heart of practice computer systems? 

    Entry through back doors

    Medical devices are often accessible outside of normal network login requirements because manufacturers maintain separate, backdoor access for maintenance purposes. Cyber thieves manipulate this access point to gain initial entry into a computer network. Then the malicious software can travel swiftly throughout the whole system when records from MRIs, CT machines and ultrasounds are electronically passed shared among medical staff. 

    Once they get in, hackers can wreak havoc on medical organizations, as they did to the National Health Service in the UK during the WannaCry attack or at Hollywood Presbyterian Hospital. The latter paid $17,000 in bitcoin to ransomware bandits who froze the hospital’s data for more than a week in 2016. 

    While WannaCry victims were running Windows 7, which still has security updates from Microsoft, medical devices are even more vulnerable to ransomware attacks because they operate on older legacy systems such as Windows XP, which Microsoft no longer supports.

    Art Gross
    Art Gross co-founded Entegration in 2000 and serves as president and CEO. As Entegration’s medical clients adopted EHR technology Gross ...

    0 Comments

    You must be signed in to leave a comment. Registering is fast and free!

    All comments must follow the ModernMedicine Network community rules and terms of use, and will be moderated. ModernMedicine reserves the right to use the comments we receive, in whole or in part,in any medium. See also the Terms of Use, Privacy Policy and Community FAQ.

    • No comments available

    Latest Tweets Follow

    Poll