Login Identity Protection Build Credit Pricing Employers Support Schools Parents PTAs PTOs and Education Foundations  Superintendents, Business Officers, and School Boards Resources About Us Contact Us Education Center Press Releases In the News FAQ
Resources > Cyberattacks > Ransomware Attack on Hospitals—Understanding the Growing Threat

Ransomware Attack on Hospitals—Understanding the Growing Threat

Ransomware attacks on hospitals are a growing threat, with more and more healthcare organizations experiencing these attacks each year. These malicious cyber incidents not only jeopardize patient data security but also disrupt critical healthcare services.

The ethical dilemmas surrounding ransom payments have added complexity to an already challenging situation. This article will explore how a ransomware attack on hospitals happens, what its consequences are, and what strategies healthcare organizations can employ to protect their systems and patients.

What Is Ransomware in Hospitals?

Ransomware in hospitals refers to malicious software attacks that specifically target healthcare institutions, including hospitals, medical centers, and healthcare networks. In these attacks, cybercriminals deploy ransomware to encrypt sensitive patient data, disrupt critical healthcare services, and demand a ransom payment from the targeted hospital in exchange for the decryption key or restoring access to their systems.

The consequences of ransomware attacks on hospitals can be particularly severe:

  • Patient safety at risk—Ransomware attacks can disrupt essential medical services, including patient monitoring systems and electronic health records (EHRs), potentially putting patients’ lives in jeopardy
  • Data access restriction—Attackers encrypt patient records, medical histories, and billing information, making them inaccessible to healthcare providers. This data is critical for patient care and billing
  • Financial fallout—Hospitals may face substantial financial losses due to the costs of resolving the attack, regulatory fines, and potential legal liabilities
  • Loss of trust and reputation—Public trust in a hospital’s ability to protect patient data can erode after a ransomware attack, damaging its reputation and credibility

To combat ransomware attacks in hospitals, healthcare organizations must invest in robust cybersecurity measures.

Why Hospitals Are a Top Target of Ransomware Attacks

Hospitals are a particularly attractive target for ransomware attackers because they store a large amount of sensitive patient data, including:

This data is valuable to cybercriminals, who can use it to commit identity theft, medical fraud, and other crimes. In addition, hospitals are often understaffed, and their employees are overworked, which can make it difficult for them to implement and maintain effective cybersecurity measures. This makes them more vulnerable to attack.

Finally, hospitals are often willing to pay ransoms to get their data back quickly, as they can’t afford to have their operations disrupted for an extended period. This makes them more likely to be targeted by ransomware attackers.

How Do Hospital Ransomware Attacks Happen?

Hospital ransomware attacks can happen in various ways, but some of the most common methods include:

MethodHow It Works
Phishing emailsPhishing is one of the most common methods of initiating a ransomware attack. Attackers craft convincing emails that appear legitimate, often impersonating trusted sources such as healthcare organizations, colleagues, or vendors. These emails contain malicious attachments or links that execute the ransomware payload when the user clicks on them
Exploiting software vulnerabilitiesCybercriminals actively seek vulnerabilities in the hospital’s software, operating systems, or third-party applications. Once they identify a vulnerability, attackers exploit it to gain unauthorized access. Hospitals that delay software updates or fail to apply security patches promptly are particularly vulnerable to this method
Watering hole attacksIn a watering hole attack, attackers compromise websites frequently visited by hospital employees or patients. When individuals visit these compromised websites, they unknowingly download malware onto their devices, which can then spread within the hospital’s network
Brute force attacksAttackers use automated tools to guess usernames and passwords, often targeting remote access systems, email accounts, or VPNs. Once they successfully crack login credentials, they gain unauthorized access to the network
Social engineeringSome attackers use social engineering techniques to manipulate hospital employees into providing sensitive information, such as login credentials or network access codes. These tactics can be used in combination with other methods to gain a foothold in the network
Insider threatsIn rare cases, individuals within the hospital with privileged access may become insiders involved in the attack. They may intentionally or unintentionally assist attackers in deploying ransomware within the organization

Recent Ransomware Attacks on Hospitals

Ransomware attacks targeting hospitals are an increasingly common threat worldwide, and the U.S. is no exception. Here are some of the most impactful and concerning ransomware attacks that have targeted hospitals and healthcare organizations in recent months:

  • In January 2023, a ransomware attack on the Community Health Systems hospital chain forced the closure of several hospitals and disrupted patient care. The attack encrypted patient records and computer systems, making the staff unable to access patient information. The attack affected a number of hospitals in the chain, including hospitals in Florida, Georgia, Kentucky, North Carolina, and Ohio
  • In October 2022, a ransomware attack targeted CommonSpirit Health, a Catholic nonprofit organization that operates over 140 hospitals in 21 states. The attack encrypted patient records, including names, addresses, dates of birth, medical information, and insurance information. This also impacted the organization’s billing and scheduling systems. CommonSpirit Health took its systems offline and notified law enforcement and cybersecurity experts
  • In March 2023, a ransomware attack on the Scripps Health healthcare system affected the data of over 147,000 patients. Scripps Health is a large healthcare system with over 30 hospitals and clinics in California. The attack affected a number of facilities in the system, including hospitals, clinics, and imaging centers

Steps To Prevent Hospital Ransomware Attacks

Hospitals and healthcare organizations can take several proactive measures to protect themselves from ransomware attacks, reduce vulnerabilities, and mitigate the potential impact of such incidents. Here are key steps they can implement:

  1. Employee training
  2. Regular software updates and patch management
  3. Regular data backups
  4. Security updates for medical devices
  5. Regulatory compliance
  6. Engage cybersecurity experts

Employee Training

Regular cybersecurity training is essential for all hospital staff, from healthcare providers to administrative personnel. Training sessions should cover the basics of recognizing phishing emails, identifying social engineering tactics, and implementing safe online practices. Employees should also be encouraged to report any suspicious activities or emails promptly. By fostering a culture of cybersecurity awareness, hospitals can create an additional layer of defense against ransomware attacks.

Regular Software Updates and Patch Management

Hospitals should maintain a strict regimen of updating and patching all software systems. This includes operating systems, applications, and any third-party software in use. Outdated software often contains vulnerabilities that attackers can exploit. Implementing a robust patch management system can help automate the process, ensuring that security patches are promptly applied to reduce vulnerabilities.

Hospitals should also implement strong access controls and user authentication measures to limit unauthorized access to hospital systems.

Regular Data Backups

Maintaining regular, secure data backups both on- and off-site is critical to ensure that data can be quickly restored in case of a ransomware attack. It’s equally important for healthcare organizations to periodically test their data restoration procedures to verify their effectiveness.

Security Updates for Medical Devices

Hospitals rely on various medical devices that are connected to their networks. Ensuring that these devices are regularly updated with the latest security patches and maintained according to manufacturer guidelines is vital for preventing potential vulnerabilities in these healthcare systems.

Regulatory Compliance

Hospitals should rigorously adhere to relevant data protection regulations, such as the Health Insurance Portability and Accountability Act (HIPAA). Ensuring compliance not only safeguards patient data but also indicates that hospitals meet legal requirements related to cybersecurity. Additionally, developing a comprehensive incident response plan specifically tailored to ransomware attacks is crucial for reducing the risk of this threat.

Engage Cybersecurity Experts

If they have the resources, hospitals can hire cybersecurity professionals or consulting firms specializing in healthcare security to ensure extra safety. These experts conduct thorough risk assessments, identify vulnerabilities, and provide guidance on how to secure the organization effectively.

By implementing these comprehensive measures, hospitals can significantly enhance their defense against ransomware attacks, safeguarding sensitive patient data. For individuals looking for an added layer of assurance that their personal information remains secure during a hospital ransomware attack, considering an identity protection service like FreeKick is a wise choice for comprehensive family protection.

FreeKick—Comprehensive Identity Protection for Your Whole Family (Coming Soon)

Backed by Austin Capital Bank, FreeKick offers top-tier identity protection services that cover up to two adult parents and six children between the ages of 0 and 25. But that’s not all—FreeKick goes the extra mile by providing credit building features specifically designed for children aged 14 to 25 to help them lay a strong foundation for their financial future.

Identity Protection Services

Considering that a child’s identity is stolen every 30 seconds, FreeKick plays a significant role in reducing the risk of identity theft by offering a range of features for both children and adults:

Services for Adult Children and ParentsServices for Minor Children
Credit profile monitoring
Social Security number monitoring
Dark web monitoring for personal information
Up to $1 million identity theft insurance
Full-service white-glove concierge credit restoration
Lost wallet protection
Court records monitoring
Change of address monitoring
Non-credit (Payday) loan monitoring
Free FICO® Score monthly
FICO® Score factors
Experian credit report monthly
Credit profile monitoring
Social Security number monitoring
Dark web monitoring for children’s personal information
Up to $1 million identity theft insurance
Full-service white-glove concierge credit restoration
Sex offender monitoring—based on sponsor parent’s address

Parent-Sponsored Credit Building

A robust credit history can help your child save over $200,000 throughout adulthood. FreeKick facilitates starting your child’s credit journey early through parent-supported credit building.

The process is straightforward:

  1. Create a FreeKick Account—Visit FreeKick.bank and select a suitable plan. You can activate credit building from your account dashboard once your child turns 14, and they can activate credit reporting once they turn 18 (19 in Alabama)
  2. Set It and Forget It—Once you’ve initiated credit building, FreeKick establishes a 12-month credit history for your child through a no-interest installment loan
  3. Keep Growing—After the initial 12-month term, you’ll have the option to continue improving your child’s credit or close the account and get your deposit back

Once credit reporting is activated, FreeKick will report a $1,000 credit account to all three major consumer credit bureaus:

  1. Experian
  2. Equifax
  3. TransUnion

FreeKick Pricing

FreeKick offers flexible pricing options, and both plans come with FDIC insurance coverage of up to $250,000.

FDIC-Insured Deposit AmountAnnual Fee
$3,000$0 (Free)

Empower your child with the tools they need for financial success and enhance your family’s identity security—sign up for FreeKick today.