NewsNational News

Actions

Universal Health Services is latest ransomware victim as cyberattacks spike

Universal Health Services is latest ransomware victim as cyberattacks spike
Posted at 2:47 PM, Sep 29, 2020
and last updated 2020-09-30 11:25:36-04

A major hospital system is managing the fallout of what may be the biggest medical cyberattack in U.S. history.

United Health Services says its company-wide network is currently offline due to a suspected ransomware attack.

Ransomware is when criminals encrypt files and demand money for a key to unlock them again.

Experts say hospitals may be more susceptible while fighting the coronavirus.

“Medical record and medical care facilities are prime targets, not only because of the high value of the information, but also because of the fact that people are terribly busy,” said Alan Katerinsky, a clinical assistant professor at the University at Buffalo.

It's not just hospitals. Cyber-attack attempts are up about five times since the pandemic started.

People working from home don't have the same corporate protections that are normally in place in an office. IT workers may also be remote.

“It might be more difficult to work from home and notice things that are going on, instead of just being on-site, on the premises, and seeing what's going on, on an ongoing basis,” said Steve Beaty, a professor of computer sciences at MSU Denver.

After a ransomware attack, if an organization doesn't pay to get their files back, they still have to pay for the cleanup.

The criminal may retaliate by releasing the private information, like what happened to a school district in Las Vegas this week.

There's recently been talk of legislation to make it illegal to pay such ransoms, which may help deter criminals.

“They've upped their game partially because maybe they're seeing that there is going to be a limited amount of time this is actually going to work, at least in some jurisdictions,” said Beaty.

Cyber criminals often get in through phishing emails, so training to recognize harmful links may help.

Companies can also run tests to see if there are vulnerabilities in their systems, but that's more expensive.

It's also important for remote workers to use a VPN for privacy.