Hospitals and Ransomware: The Temptation to Pay

Some healthcare entities may be more likely than organizations in other sectors to pay extortionists to unlock data that's been encrypted in ransomware attacks because patients' lives are potentially at risk if data is unavailable, says privacy and security expert Kate Borten.

"Even though law enforcement would say 'don't pay, these guys are criminals, and we don't want to encourage criminal behavior, and you can't trust them,' ... the reality is that this is a business decision, and each organization needs to consider what the impact is," says Borten, founder and president of consulting firm The Marblehead Group.

"In healthcare, for provider organizations, the ultimate [consideration] is patient care, and if the attack has the potential to affect care of patients, then I think we see hospitals ... paying the ransom in some cases."

For example, Hollywood Presbyterian Medical Center in February said it paid attackers about $17,000 in bitcoin to unlock patient data after a ransomware scheme.

Healthcare entities need to keep in mind that there are other potential threats posed by ransomware beyond locking up patient information, Borten notes. "We can never assume that all it's doing is simply encrypting the data. That might be what we see because we can't get to our files, but there may be much more going on."

Organizations can avoid having to make a difficult decision about whether to pay a ransom after an attack, Borten says, if they take appropriate defensive precautions, such as properly backing up data to ensure availability.

In an interview at the Boston Fraud and Breach Prevention Summit, Borten also discusses:

Before founding The Marblehead Group, Borten led the enterprisewide security program at Massachusetts General Hospital in Boston and established the first information security program at Beth Israel Deaconess Medical Center and its parent organization, CareGroup, as its CISO.

Read the source post by Data Breach Today

Dave Safley
