Just a little over three months ago, the WannaCry ransomware attacked healthcare systems around the world. In June, the Petya virus spread throughout Europe and into North America, accessing countless classified records. Now, a new virus has entered the scene and ushered in yet another round of information breaches.
The new ransomware, known as Defray, is the latest major attempt by hackers to access private hospital patient records and hold them hostage. As with previous attacks, the virus, once released into a hospital’s network, encrypts patient files so that providers no longer have access to them. The Defray creators have demanded as much as $5,000 in Bitcoin in order to unlock the encryption and relinquish the records.
But how did the virus gain access to protected files in the first place? According to experts, Defray uses a “spray and pray” method in which countless phishing emails are sent out in hopes that at least a few produce results. For example, physicians in the United Kingdom received emails claiming to be from their hospital’s director of information management and technology. These emails contained an attachment titled Patient Report, and used the hospital’s official logo within the email in order to boost authenticity. In this case, the tactic worked, and a few opened attachments were all the hackers needed.
Many facilities are trying desperately to boost cybersecurity, but such changes are not always so simple. In the past, hospital budgets, especially those for small facilities, did not always have the means to hire local cybersecurity experts. Thankfully, that seems to be changing for the better. According to HealthcareDive, a recent survey revealed that eight out of ten facilities have employees dedicated to cybersecurity, and six out of ten have a dedicated senior security officer. As protective measures and cybersecurity awareness continue to increase, hopefully these attacks will soon be a threat of the past.