Medical Devices and the Ransomware Menace

The first ransomware attack on a medical device was reported on a precision appliance during the 2017 WannaCry attacks. Since then, cybercriminals haven’t slowed down. Over the past 12 months, ransomware perpetuators have been relentless in their efforts to solicit payments from unsuspecting victims, even going as far as threatening to publish data if the ransom is not paid. This new tactic, in addition to the emergence of newer and prolific ransomware variants like Ryuk and Sodinokibi, has proven to be successful, too. In Q4 2019, the average ransomware payment increased by 104 percent from the previous quarter. And, healthcare organizations often find themselves in the crossfire, as cybercriminals know these companies will pay handsomely to have this information safely returned so they can care for patients and avoid having to pay a penalty for a HIPAA violation. All of this presents new challenges to medical device companies, which often store loads of sensitive patient information and whose technology is used daily to deliver critical care. As these organizations gear up for another year of battling ever-evolving cyber threats, it will be critical that medical devices are designed with security in mind, that the facilities using them are adhering to security best practices, and that backups are also protected with the same level of tenacity as the rest of the IT environment. Securing Medical Devices Medical device companies must perform risk assessments ...
Source: MDDI - Category: Medical Devices Authors: Tags: Software Source Type: news