Andy Greenberg
wired.com
Originally posted 12 June 24
When Change Healthcare paid $22 million in March to a ransomware gang that had crippled the company along with hundreds of hospitals, medical practices, and pharmacies across the US, the cybersecurity industry warned that Change's extortion payment would only fuel a vicious cycle: Rewarding hackers who had carried out a ruthless act of sabotage against the US health care system nationwide with one of the largest ransomware payments in history, it seemed, was bound to incentivize a new wave of attacks on similarly sensitive victims. Now that wave has arrived.
In April, cybersecurity firm Recorded Future tracked 44 cases of cybercriminal groups targeting health care organizations with ransomware attacks, stealing their data, encrypting their systems, and demanding payments from the companies while holding their networks hostage. That's more health care victims of ransomware than in any month Recorded Future has seen in its four years of collecting that data, says Allan Liska, a threat intelligence analyst at the company. Comparing that number to the 30 incidents in March, it's also the second biggest month-to-month jump in incidents the company has ever tracked.
While Liska notes that he can't be sure of the reason for that spike, he argues it's unlikely to be a coincidence that it follows in the wake of Change Healthcare's eight-figure payout to the hacker group known as AlphV or BlackCat that was tormenting the company.
Here are some thoughts:
The recent record-breaking ransom payment by a healthcare giant raises a troubling question: are profits being prioritized over patient well-being? This approach creates an ethical dilemma and poses serious psychological and public health risks.
Imagine needing urgent medical attention, only to find your records inaccessible due to a cyberattack. Ransomware disrupts services, causing immense anxiety for patients. Disrupted access to data can delay diagnoses, hinder treatment, and even threaten public health initiatives. Furthermore, these attacks essentially blackmail healthcare providers, potentially eroding trust in the medical system.
To combat this growing threat, we need a multi-pronged approach. Healthcare institutions must prioritize robust cybersecurity. International law enforcement collaboration is crucial to hold cybercriminals accountable. Finally, open communication with patients during and after an attack is essential to rebuild trust and minimize stress. By working together, we can build a more resilient healthcare system that safeguards patient data and well-being.
