Why Healthcare Organizations are so Vulnerable to Ransomware Attacks
The WannaCry ransomware that targeted nearly 300,000 systems in around 150 countries first came onto the public radar when 48 medical facilities in the U.K. were infected by the malware.
According to experts, old machines and outdated software in healthcare organizations contributed to the spread of the ransomware. Healthcare organizations that still run old machines and outdated technology should expect this kind of ransomware attack to happen again.
According to Billy Marsh, a 10-year veteran of healthcare IT and now a security researcher at The Phobos Group, healthcare organizations should be more proactive about fixing their security weaknesses.
“There are pretty big consequences” if a hospital has vulnerable software, Marsh said. “If they’re in the middle of an operation, whatever machines they’re using could go down and they’ll have to fall back on manual methods.”
A recent report from Motherboard found that many hospitals in the U.K. run outdated software and therefore no longer receive security updates.
Many of us fail to realize that healthcare hardware such as ventilators, MRI machines and some types of microscopes are essentially computers. They run software that the manufacturers are responsible for supporting, and manufacturers sometimes stop supporting it after an extended period, which means the old software can become vulnerable to ransomware attacks.
According to security expert Jeanie Larson, medical devices with poor security pose a serious danger to patients.
Jeanie said she once found that children at a hospital were connected to EEG machines and the EEG machines were infected with malware. The machines were running on an unsupported Windows OS. Disconnecting them for updating the software could have impacted the care as doctors were using the machines for monitoring brain activity as well as prescribing medicine.
The security expert then worked with the hospital to fix the machines. The incident demonstrated the risks of running outdated software: cyber criminals could have done far more damage.
In March, Microsoft issued a patch for the software vulnerable to WannaCry. However, large organizations often cannot apply updates immediately, because patching might disrupt operations that depend on old technology.
After the WannaCry outbreak, Microsoft decided to issue patches for old Windows systems that it no longer supports, since many organizations, including those in healthcare and critical infrastructure, still run old software.
Marsh also said that healthcare organizations must set up regular audits of their machines and segment their networks, so that if a computer in one segment is compromised, it does not give the cyber criminal access to computers in another segment.
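The two recommendations above, an inventory audit for unsupported operating systems and a check that segmentation actually contains a compromise, can be turned into a small script. This is an added example, not code from the article or from the experts quoted; the device names, OS labels, support status table and allowed traffic flows are all constructed assumptions.

```python
"""Constructed example: audit a medical-device inventory for unsupported
operating systems and verify that the segmentation policy limits what an
attacker could reach from a single compromised segment."""
from collections import deque

# Assumed support status per OS label; in practice this comes from the
# vendor's lifecycle data rather than a hard-coded table.
OS_SUPPORTED = {"Windows 10": True, "Windows 7": False, "Windows XP": False}

# Constructed inventory: (device, network segment, operating system)
INVENTORY = [
    ("eeg-01", "clinical-devices", "Windows XP"),
    ("mri-01", "clinical-devices", "Windows 7"),
    ("ventilator-02", "icu-devices", "Windows 10"),
    ("reception-pc", "office", "Windows 10"),
]

# Constructed segmentation policy: which segment may initiate traffic to which.
ALLOWED_FLOWS = {
    "office": {"servers"},
    "servers": {"clinical-devices"},
    "clinical-devices": set(),
    "icu-devices": set(),
}

def unsupported_devices(inventory=INVENTORY, supported=OS_SUPPORTED):
    """Devices whose OS no longer receives security updates (unknown OS counts as unsupported)."""
    return [dev for dev, _seg, os_name in inventory if not supported.get(os_name, False)]

def reachable_segments(start, flows=ALLOWED_FLOWS):
    """Segments reachable from `start` by following allowed flows transitively (breadth-first)."""
    seen, queue = {start}, deque([start])
    while queue:
        seg = queue.popleft()
        for nxt in flows.get(seg, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def exposed_devices(compromised_segment, inventory=INVENTORY, flows=ALLOWED_FLOWS):
    """Devices an intruder in `compromised_segment` could reach; a good policy keeps this list short."""
    reach = reachable_segments(compromised_segment, flows)
    return [dev for dev, seg, _os in inventory if seg in reach]

if __name__ == "__main__":
    print("Unsupported OS:", unsupported_devices())
    print("Exposed if the office segment is compromised:", exposed_devices("office"))
```

Here the office segment can reach the clinical devices through the server segment, which is exactly the kind of transitive path a periodic audit should surface and close.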