Ransomware uses malicious software or other mechanisms to block access to data and IT systems until the victim pays the attacker. In healthcare, cyber criminals could gain access to confidential and sensitive data such as electronic healthcare records and mission-critical applications.
When hospital ransomware attacks succeed, the damage can be extensive. Lives are put at risk. Earlier this year, Emsisoft's State of Ransomware Report suggested ransomware could make it impossible for providers to access lab tests, or even divert ambulances from where their emergency medical services teams are urgently needed.
The Emsisoft report highlighted the ransomware attack on the University of Vermont Health Network, whose team was locked out of its electronic health record, patient portal and other systems for more than a month. The financial impact is estimated to exceed $63 million, and the attack delayed planned IT system deployments.
Attackers do not always use ransomware for extortion. Once hackers gain access to healthcare systems, hospitals are also at risk of data exfiltration, where information about patients or the organization is stolen outright and used for malicious purposes.
Ransomware attacks on healthcare would be a concern at any time, but the increased burden on providers amid the urgency of the COVID-19 pandemic could make them even more devastating. At the same time, healthcare organizations are, like businesses in many other sectors, pivoting portions of their team to a remote work model, which widens the attack surface for ransomware.