Hospital Ransomware and The Importance of Strong Endpoint Protection

By John Atienza on February 26, 2016

Source: http://www.govtech.com/security/Hospitals-Ransomware-Attack-Highlights-Importance-of-Strong-Endpoint-Protection.html?utm_medium=email&utm_source=Act-On+Software&utm_content=email&utm_campaign=Hospital%20Ransomware%20Attack%20Highlights%20Need%20for%20Strong%20Endpoint%20Protection%2C%20Startup%20Looks%20to%20Modernize%20City%20Websites&utm_term=Hospital%27s%20Ransomware%20Attack%20Highlights%20Importance%20of%20Strong%20Endpoint%20Protection

On Feb 17 an announcement was made that Hollywood Presbyterian Medical Center paid a ransom of 40 bitcoin which is close to $17,000 to regain access to its electronic medical records system. The center lost access to its information for 10 days. In that time they had to switch to paper records, faxing, and even turn away emergency room patients to seek treatment at other hospitals. The entry point for the attackers into their systems was most likely a phishing email.  According to Gartner Research Director, Lawrence Pingree, two assumptions can be made about an organization that makes a payment after they’ve been breached. First thing is organizations like the named hospital don’t have a good backup system and recovery strategy. Secondly, these organizations don’t have strong endpoint protection. Pingree stated that software like Malwarebytes and TrendMicro have endpoint protection that could thwart ransomware. The lesson to be learned here is that without proper controls ransomware can severely impact the operations and funds of any organization.