How Hospitals Can Defend Against Ransomware


The novel coronavirus has had a devastating impact on hospitals in the United States and worldwide. Health care facilities find themselves understaffed, underfunded, and overburdened. Moreover, with elective procedures being canceled or postponed, an alarming number of American hospitals are cutting staff pay and hours or going bankrupt.

Unfortunately, another virus is also giving the health care industry grief nowadays, though technically, ransomware is a type of malware, not a computer virus. Hospitals, clinics, and even charities are getting hit by ransomware strains in record numbers. The attacks can significantly impact operational capacity. For example, the WannaCry ransomware cyberattack on the NHS (National Health Service) in the United Kingdom forced health care organizations to decrease admissions, reduce elective admissions, and cut back lifesaving care. The malware also forced some hospitals across Europe to cancel emergency response procedures. Analysts say WannaCry cost the NHS over $100 million, and the total cost of WannaCry may have been over $4 billion.

What is ransomware?

Ransomware is malicious software that online extortionists deploy to blackmail organizations, though some strains can also hit individuals. Some types of ransomware will encrypt files on computer systems and hold them hostage. Other types of ransomware like Petya will reboot computers and lock them.

Why does ransomware hit hospitals?

Some ransomware strains like WannaCry have computer worm-type qualities and spread across networks to any computer with system vulnerabilities. Other strains, like DarkSide ransomware, are part of targeted attacks. So, why do ransomware strains hit hospitals? For starters, cybercriminals usually don’t have any ethical qualms about attacking lifesaving organizations.

Hospitals are also easier targets because they often use outdated operating systems with system vulnerabilities or aging cybersecurity tools that can’t remediate ransomware infections. In addition, hospital staff are too distracted to watch out for common ransomware threat vectors like phishing emails, spear-phishing emails, smishing, open RDP ports, and more.

How hospitals can mitigate the risk of a ransomware attack

Remember, the larger the organization, the greater the risk that an employee's lapse in judgement leads to a ransomware attack. However, hospitals can mitigate their risk with the following steps.

Step #1 Ditch the Baked-in Antivirus

Every operating system has a baked-in antivirus tool. Although this is usually competent against computer viruses, it’s insufficient against ransomware. For example, Windows 10 has a built-in anti-ransomware tool that’s so poor that Microsoft has left it deactivated by default. Try an advanced antivirus for small business defense that detects ransomware proactively through artificial intelligence and machine learning. A good security tool will also offer ransomware rollback, so health care organizations can quickly return to operational capacity.

Step #2 Patch Your Systems

Many hospitals continue to run outdated operating systems, leaving them open to exploits. The solution is to have IT teams update software to the latest version to plug the flaws that malware can exploit.
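To decide what to patch first, an IT team can triage its asset inventory for the two weaknesses named above: outdated operating systems and open RDP ports. The script below is an added example, not part of the original article; the host names, CSV columns, and risk weights are hypothetical, and the inventory is constructed sample data.

```python
import csv
import io
from datetime import date

# End-of-support dates published by Microsoft for a few Windows releases.
# An OS missing from this table produces no finding and needs manual review.
END_OF_SUPPORT = {
    "Windows XP": date(2014, 4, 8),
    "Windows 7": date(2020, 1, 14),
    "Windows Server 2008 R2": date(2020, 1, 14),
    "Windows 10": date(2025, 10, 14),
}
RDP_PORT = 3389

# Constructed sample inventory (hypothetical hosts and column names).
SAMPLE_INVENTORY = """host,os,open_ports,internet_facing
rad-ws-01,Windows 7,135;445;3389,no
billing-02,Windows 10,3389,yes
lab-srv-03,Windows Server 2008 R2,445,no
nurse-ws-04,Windows 11,,no
"""

def audit(inventory_csv, today):
    """Return (host, score, reasons) tuples, highest risk first."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        reasons, score = [], 0
        eos = END_OF_SUPPORT.get(row["os"])
        if eos is not None and eos < today:
            # No more security patches: known flaws stay exploitable.
            reasons.append(f"{row['os']} unsupported since {eos.isoformat()}")
            score += 2
        ports = {int(p) for p in row["open_ports"].split(";") if p}
        if RDP_PORT in ports:
            exposed = row["internet_facing"].strip().lower() == "yes"
            reasons.append("RDP open to internet" if exposed else "RDP open internally")
            score += 3 if exposed else 1  # assumed weights, tune per environment
        if reasons:
            findings.append((row["host"], score, reasons))
    return sorted(findings, key=lambda f: (-f[1], f[0]))

if __name__ == "__main__":
    for host, score, reasons in audit(SAMPLE_INVENTORY, date(2021, 6, 1)):
        print(f"{host:12} risk={score}  " + "; ".join(reasons))
```

Passing the audit date as a parameter lets the same inventory be re-scored as more releases reach end of support.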

Step #3 Train Staff

Undoubtedly, hospital staff are busy nowadays with patient care and paperwork. But stopping ransomware threats against hospitals is critical. Employees must learn good cybersecurity hygiene and avoid opening potentially unsafe links, messages, emails, and websites on hospital computers and devices.

It’s also prudent to bring in a cybersecurity team for advice and forensic security analysis. After all, preventing ransomware from becoming a menace requires a holistic approach.