So while looking for interesting health field issues going on, I found one article reporting recent ransomware attacks against health services. A ransomware attack is a software attack in which information is stolen and returned after a sum of money has been returned. One of the places, Metropolitan Urology (http://healthitsecurity.com/news/metropolitan-urology-ransomware-attack-affects-18k-patients) , actually experienced that attacks in 2006. They didn't even become aware of the incident until January of 2017. Think about that for a second, it took them 11 years before they realized that they had become aware of the incident. This made me think of my data that was possibly compromised. It took them a long time to find out that the data may have been compromised. This made me wonder why it took that long to discover the issue.
One of the reasons I have found was that little of the attacks actually disrupt their network, They do get notifications of potential issues but they receive so many it is hard for the companies to sort through them all. In fact "According to Verizon, 66 percent of breaches take months of even years to detect" (Thompson, 2017). That thought bothers me quite a bit. My data could be held out there being stolen without it being discovered until it could be too late.
The other vendor, Summit Reinsurances Services, was also a victim of ransomware. It this case several other medical companies used that vendor and all of those companies had to notify their patients of the potential breaches. I may touch on 3rd party vendors with regards to healthcare in a later blog.
Ransomware can definitely cause several issues in the healthcare field. Again, you have so much valuable information in those medical files that the cost to retrieve that information could be high. Not only that, but there is no guarantee you get your data back, or that the criminal doesn't sell it for profit anyways.
References:
Thompson, M. (2017). You Had an Ongoing Data Breach for Months. How Could You Not Know?. Retrieved from: https://www.business.com/articles/data-security-breach-why-they-go-unnoticed/
No comments:
Post a Comment