Today's Practice: Changing the Business of Medicine TP2018Q2DigitalEditionWeb | Page 105

Healthcare Cyber Security
Troy Wilkinson

Ransomware Woes

Healthcare continues to be the industry most targeted by ransomware, accounting for 45% of ransomware attacks in 2017. The recent attacks with SamSam ransomware are particularly concerning because SamSam is not fire-and-forget malware: the attacker has to already be inside the victim's network and activate the ransomware by hand. This means that the attackers who held Hancock Health, AllScripts, the Colorado Department of Transportation and, most recently at the time of writing, the City of Atlanta, Georgia to ransom had remote access to those organizations' computer systems before any files were encrypted.
But it is not just the recovery of data after a ransomware attack that should concern healthcare practices; there is also a compliance concern. According to guidance published by the Department of Health and Human Services in 2016, a successful ransomware attack is presumed to be a HIPAA breach because "When electronic protected health information (ePHI) is encrypted as the result of a ransomware attack, a breach has occurred because the ePHI encrypted by the ransomware was acquired (i.e., unauthorized individuals have taken possession or control of the information), and thus is a 'disclosure' not permitted under the HIPAA Privacy Rule."
The burden of showing that the ePHI was not compromised falls on the healthcare provider, who must conduct and document a risk assessment that considers at least the following four factors:
"1. the nature and extent of the PHI involved, including the types of identifiers and the likelihood of re-identification;
2. the unauthorized person who used the PHI or to whom the disclosure was made;
3. whether the PHI was actually acquired or viewed; and
4. the extent to which the risk to the PHI has been mitigated."
The middle two factors are usually the hardest to establish and require extensive, costly forensic investigation by certified professionals. That investigation also requires that the affected computers not be wiped or restored before evidence has been collected: once a machine has been reimaged from backup, the logs, memory and file-system artifacts that would show whether data was accessed or exfiltrated are gone with it. Salina Family Healthcare Center in Kansas found that dealing with its ransomware infection too quickly, and failing to preserve at least one infected computer, left it unable to show that the ePHI had not been compromised.
A common and dangerous misconception is that the criminals behind ransomware attacks focus only on large medical facilities. That is simply not true: there have been successful ransomware attacks on many small practices, compromising the data of hundreds to thousands of current and former patients.
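The practical lesson from the Salina case is to preserve evidence before remediating. The following is an added example, not code from the article and not a description of what any practice named above did: a POSIX shell script that takes a bit-for-bit image of a disk (or of a file standing in for one) with dd, hashes the source and the image with SHA-256, and appends a chain-of-custody manifest, so that the image can later be shown to be an unaltered copy of the infected machine. It assumes dd and either sha256sum or shasum are installed; the device path, case identifier and directory names in the comments are placeholders.

```shell
#!/bin/sh
# Added example (not from the article): preserve a disk image and its hashes
# before an infected machine is rebuilt. Assumes POSIX sh, dd, and either
# sha256sum (coreutils) or shasum (Perl/BSD).

# sha256_of FILE: print the SHA-256 hex digest of FILE, whichever tool exists.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# preserve_evidence SOURCE DEST_DIR CASE_ID
#   SOURCE    block device (e.g. /dev/sdb, a placeholder) or a file to image
#   DEST_DIR  directory on separate storage that is write-protected afterwards
#   CASE_ID   free-text label recorded in the manifest
# Returns 0 only if the image hashes identically to the source.
preserve_evidence() {
    src="$1"; dest="$2"; case_id="$3"
    mkdir -p "$dest" || return 1
    img="$dest/$(basename "$src").dd"
    manifest="$dest/manifest.txt"

    # 1. Hash the source first, so the manifest records what was imaged.
    src_hash=$(sha256_of "$src") || return 1

    # 2. Bit-for-bit copy. On failing media investigators add
    #    conv=noerror,sync with bs set to the sector size; that pads bad
    #    sectors with zeros, so source and image hashes then legitimately
    #    differ and the discrepancy must be noted in the manifest.
    dd if="$src" of="$img" bs=65536 2>/dev/null || return 1

    # 3. Hash the image; a mismatch means the copy is not evidence-grade.
    img_hash=$(sha256_of "$img") || return 1

    {
        echo "case:       $case_id"
        echo "acquired:   $(date -u +%Y-%m-%dT%H:%M:%SZ)"
        echo "source:     $src"
        echo "image:      $img"
        echo "sha256 src: $src_hash"
        echo "sha256 img: $img_hash"
        echo "---"
    } >> "$manifest"

    [ "$src_hash" = "$img_hash" ]
}

# verify_evidence IMAGE MANIFEST: re-hash a stored image and compare it with
# the most recent "sha256 img:" entry, the check repeated before any analysis
# and again when the image is handed to another party.
verify_evidence() {
    img="$1"; manifest="$2"
    expected=$(grep '^sha256 img:' "$manifest" | tail -n1 | awk '{print $3}')
    actual=$(sha256_of "$img")
    [ -n "$expected" ] && [ "$expected" = "$actual" ]
}

# Typical use (paths are placeholders):
#   preserve_evidence /dev/sdb /mnt/evidence/ws-07 CASE-2018-001 && echo "image verified"
#   verify_evidence /mnt/evidence/ws-07/sdb.dd /mnt/evidence/ws-07/manifest.txt
```

Two caveats apply in practice. Hash the disk only when it is no longer changing, which means imaging with the system powered off and the drive attached through a write blocker; a hash taken over a live, running system will not reproduce. And keep the manifest, not just the image: the ability to show that the analysed copy matches what was acquired is what lets an investigator speak to factors two and three above.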

The Medical Internet of Things ( IoT )

The advancement of technology in the medical field is astounding. With it has come better efficiency and accuracy, but as we have come to know all too well, when it comes to technology, anything that can be hacked will be hacked.
There have been demonstrations of insulin pumps hacked to change the dose they deliver, of pacemaker functions being altered, and of medical devices disabled by ransomware, which shows that attackers are approaching medical IoT from multiple angles. While it may be an inconvenience to have your favorite website taken down by a cyber-attack, or to have your credit card number stolen in a data breach, medical IoT threats are different because they can have real, physical consequences, which makes them a far more serious, even lethal, risk than other cyber-threats. And a compromised medical device threatens more than the device and its patient: because such devices usually sit on the same network as everything else in the facility, it can also give attackers a foothold from which to reach the entire medical facility's network.
Medical IoT devices can be more difficult to protect because they do not run on standard computers so