Next-Generation Technologies & Secure Development

Hospitals and Ransomware: The Temptation to Pay

Security Expert Kate Borten on Patient Safety Concerns

Some healthcare entities may be more likely than organizations in other sectors to pay extortionists to unlock data that's been encrypted in ransomware attacks because patients' lives are potentially at risk if data is unavailable, says privacy and security expert Kate Borten.

See Also: OnDemand: 2024 Google Cloud Partner of the Year - Application and Infrastructure Security

"Even though law enforcement would say 'don't pay, these guys are criminals, and we don't want to encourage criminal behavior, and you can't trust them,' ... the reality is that this is a business decision, and each organization needs to consider what the impact is," says Borten, founder and president of consulting firm The Marblehead Group.

"In healthcare, for provider organizations, the ultimate [consideration] is patient care, and if the attack has the potential to affect care of patients, then I think we see hospitals ... paying the ransom in some cases."

For example, Hollywood Presbyterian Medical Center in February said it paid attackers about $17,000 in bitcoin to unlock patient data after a ransomware scheme.

Healthcare entities need to keep in mind that there are other potential threats posed by ransomware beyond locking up patient information, Borten notes. "We can never assume that all it's doing is simply encrypting the data. That might be what we see because we can't get to our files, but there may be much more going on."

Organizations can avoid having to making a difficult decision about whether to pay a ransom after an attack, Borten says, if they take appropriate defensive precautions, such as properly backing up data to ensure availability.

In an interview at the Boston Fraud and Breach Prevention Summit, Borten also discusses:

  • Why the healthcare sector has become the No. 1 target for ransomware attacks;
  • The mitigation steps to take as soon as an entity suspects it's become a victim of a ransomware attack;
  • Why more ransomware attacks are likely to eventually appear on the Department of Health and Human Services' Office for Civil Rights' "wall of shame" tally of major health data breaches as a result of OCR's recent release of new ransomware guidance.

Before founding The Marblehead Group, Borten led the enterprisewide security program at Massachusetts General Hospital in Boston and established the first information security program at Beth Israel Deaconess Medical Center and its parent organization, CareGroup, as its CISO.

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.