Two medical institutions, Frederick Health and New York Blood Center Enterprise (NYBCE), we are working on confusion from separate ransomware attacks that we faced last week.
Frederick Health posted on the website on January 27, stating that “I have recently identified ransomware events” and is working to return the system online with a third -party cyber security expert. 。
Most of the facilities remain open and still provide patient care, but it has been reported that Frederick Health has closed in the village lab and may experience operational delays. did.
New York Blood Center Enterprise, a non -profit organization composed of independent blood centers, first identified suspected activities to affect IT systems on January 26. Includes threats caused by ransomware attacks. NYBCE is working on the system restoration. However, it is unknown when it will work completely. The organization expects blood donation time at the center, and off -site blood collection can take longer than usual.
Neither organization has disclosed information about who violated it or whether the information was stolen. The Ransomware Group has not yet been responsible for the attack.
Endless list
Ransomware attack It has become a harsh reality of health care. Unlike other industrial sector facing similar threats, it is not only reputable damage or economic burden. In the medical field, it is a patient's life.
According to 2024 Microsoft StudyNearly 400 US medical institutions were infected with ransomware, and the average report was $ 4.4 million. Downtime, which these facilities experience while stepping in, costs up to $ 900,000.
Medical institutions provide a lot of information and data type, from medical records to financial details, and information that can identify various individuals.
“Many healthcare organizations develop businesses with limited cyber security funds and personnel arrangements, giving priority to patient care over IT security investment,” said Fenix24's co -founder HEATH READING DARK READING DARK READING. I will talk to. “The huge number of endpoints, third -party vendors, and interconnected systems create a wide range of attack surfaces, but cannot be turned offline for maintenance, which worsens vulnerability. “
And when a threat person decides to violate the network of these healthcare organizations, they know that their efforts will be rewarded to steal this information and lose all of these medical systems. While you are, keep it for ransom. For them, these malicious events are added only to the strength of the life and death they experience every day.
Ultimately, this is a very high reason to pay the reported ransom. Because medical institutions have a known achievements for the willingness to pay what the patients need to give the patient to the patient.
Strategy for whimsical morals
The struggle with Ransomware Scourge has tested many organizations and security experts. The Ransomware Group has been mature to evolve the use of technology to avoid new corrections. Their business models are always evolving in affiliates, committees, and even referral programs.
“Some ransomware groups argue that they have an ethical boundary that states not to target hospitals, but history is often empty, and critical care facilities are still sacrificed. It indicates that it is, “says Renflow. “On the other side, healthcare organizations have ethical obligations to protect patient data and ensure operational resilience. We often forcibly make a strict decision between providing funds to patient care. “
However, if patient care is widespread for a long time, it is necessary to change the health care industry cyber security practice.
In May 2024, the advanced Research Project Health Bureau (ARPA-H), a funding agency created by the Biden administration, committed it. $ 50 million To support the creation of software to enhance cyber resilience for hospitals.
This program, which is called universal patching and restoration (upgrade) for autonomous defense, focuses on fields such as vulnerability management, automatic detection, defense, etc., and is a hospital IT staff, equipment manager, and cyber security experts. I'm trying to gather and clarify. Cyber security vulnerability.
And even the Ministry of Health and Welfare (HHS) Strengthening healthcare cyber security programs After the United Health Care Firm of Healthwear Group was targeted earlier last year, it led to the confusion and suspension, one of the worst violations we saw so far.
Regarding what the healthcare institution can do, Renflow, “Involvement backups with a guaranteed returned up -op (RTO) must be the top priority -not only assumed, but also tested and proven. ” Attacks occur, and medical institutions can quickly recover operations without ransom, without confusion. “
“In today's world, true resilience is the only security guarantee,” he says.
