At least 15 Dutch hospitals have been the victims of ransomware attacks in the last three years according to a recent anonymous survey.
The hospitals briefly described the attacks, in which hackers gained access to their network through outdated IT technology and in some cases compromised patient data. In one case a hospital had to deal with delays in its outpatient clinic because of a ransomware attack, in another a hospital had 75 computers infected, reports nltimes.nl.
Ransomware attacks occur when hackers encrypt files on a computer network and demand money to make them accessible again. Many of the hospitals who took part in the survey reported that daily backups to their systems prevented the significant loss of files.
Campus Safety has reported on multiple ransomware attacks on hospitals and the varying ways institutions have responded. The FBI is often involved in ransomware responses in the U.S.
In one instance at Methodist Hospital in Kentucky last year, officials declared an “internal state of emergency” before slowly getting their system restored.
“We have a pretty robust emergency response system that we developed quite a few years ago, and it struck us that as everyone’s talking about the computer problem at the hospital, maybe we ought to just treat this like a tornado hit, because we essentially shut our system down and reopened it on a computer-by-compute basis,” an attorney for the hospital, David Park, said.
A study by NTT Security found that 15 percent of all ransomware attacks between Oct. 1, 2015 and Sept. 31, 2016 occurred in the healthcare sector.
The difficulty with reporting on ransomware attacks is that institutions try to minimize publicity so they don’t become a repeat target for hackers. The anonymous survey was a way to bypass that concern, although 20 different hospitals refused to participate.
Related cybersecurity concerns with hospitals have to do with vulnerabilities in medical devices, including intravenous pumps.
