Maintaining a Pulse: Ransomware in the Healthcare Sector

It seems in media today, the rise of ransomware has plateaued and remained painstakingly prevalent , targeting the most critical of data. Committed through financially motivated efforts, these organizations still wake to the sorrowful sound of their assets being hijacked and held for ransom. So, while new threats such as crypto miner botnets and third-party application exploits drown our feeds, why are we suddenly desensitized to ransomware?

Well, for one, we’re not. Just because ransomware is no longer the flavor of the month in the media and in turn reported less, this doesn’t mean that ransomware is any less prevalent. Small and medium sized organizations are still very active on this front, as they serve to face the threat regularly. In exploring  one specific industry as an example, these extortion methods are increasingly aimed towards, is the healthcare sector. A sector that, ridden with legacy systems, an exploding IoT environment, and a few portals for business partners, customers, and employees alike, has enough security projects on their plate. This leaves the time dedicated to ransomware at a general reactive level with only a few occurrences of runbooks and response plans to save the day.

A Recent Example of Ransomware in the Healthcare Sector

In past news, a malicious actor under the handle The Dark Overlord publicized his crimes through media sources. The hacker stated to have individually stolen up to 10 million patient records which were sold on the black market. Post exploitation, if the demanded ransom was not paid by these healthcare providers, consignments of data  would be packaged with the price tag of up to $134,000, generally less than the ransom itself. But it doesn’t stop there. This one actor extorted PilotFish Technology, a firm that develops and markets the software that many healthcare systems use, for (Read more...)