The Department of Health and Human services has issued a warning to healthcare providers to be on high alert for the SamSam strain of ransomware, which has been used to attack eight different health care entities so far this year.
SamSam made its first appearance in 2016 and is seeing increasingly widespread use so far this year. Unfortunately, the healthcare industry is considered by most to be a soft target. On the Dark Web, healthcare data has become more highly sought after than credit card data, which is only going to put more healthcare entities at risk.
The most tragic component of this is that when a hospital's network goes down, they stand to lose more than just money and control over patient data. Lives are also at risk. Although none of the attacks to this point have resulted in patient deaths, it's statistically inevitable. As these attacks continue to increase in frequency, scope and scale, sooner or later, someone will die because of them.
According to security experts, the root of the problem lies in the fact that guarding against such attacks is seen as fundamentally an IT issue. The truth is that it is an organization-wide issue, and should be treated as such, because attacks like these pose an existential threat. Treating the issue as something for a single department to be responsible for inevitably leads to a lack of funding and an inadequate incident response plan. This leaves most organizations completely unprepared to deal with an attack and its aftermath.
Even more worrisome is the fact that an increasing number of ransomware attacks simply destroy the data. Sure, the ransom note still gets displayed, but the hackers simply have no intentions of unlocking the files, and they build their software accordingly. Most recently, hackers have taken to corrupting encrypted data files, which can cause lingering problems for months or even years after they're unlocked.
This problem is only going to get worse until we all start taking data security more seriously.