Small health care providers rattled by ransomware
While the health care sector in general has been behind the curve on cybersecurity, small providers may be even more vulnerable.
Health care providers around the country are getting hit hard by cyberattacks that put at risk the privacy of their patients as well as their ability to deliver core services.
In recent years there have been a number of prominent cases of major hospitals getting hit by ransomware attacks, such as Hollywood Presbyterian Medical Center, which in 2016 paid cybercriminals to gain back control of their computer system.
A study released last week by Emsisoft, a cybersecurity firm, reported that 621 entities have been affected by ransomware this year, including local governments, schools and hospitals.
Related: How to reduce cybersecurity risk to employees’ health data
Just last week DCH Health System in Alabama scrambled to deal with a ransomware attack that paralyzed the computer system at its three hospitals, forcing it to turn away all but the highest-risk patients.
While the health care sector in general has been behind the curve on cybersecurity, small providers, including clinics and specialists, may be even more vulnerable and are less likely to have the resources to respond to a successful attack.
About 57 percent of all medical practices in the country have fewer than 10 doctors and 15 percent are solo practitioners.
The Wall Street Journal reports on a variety of small providers that have been hit with ransom demands recently. Andy Fitzegerald, CEO of Campbell County Health in Wyoming said that hackers gained control of the hospital’s computer system last month and demanded a ransom.
Fitzgerald did not disclose the size of the ransom or whether he paid it, but the immediate aftermath of the cyberattack included shutting down many of the hospital’s key services, including radiology, endocrinology and respiratory therapy. Some patients had to be transferred to hospitals in other states.
Some practices may find it impossible to recover from the effects of an attack. Wood Ranch Medical in Simi Valley, California has announced that it will be shutting down as a result of a ransomware attack.
“Unfortunately, the damage to our computer system was such that we are unable to recover the data stored there and, with our backup system encrypted as well, we cannot rebuild our medical records,” says a note on the hospital’s website. “As much as I have enjoyed providing medical care to you, I will not be able to attend to you professionally after that date.”
Read more: