Spade Technology: Blog

Ransomware Highlights Vulnerabilities of Hospitals’ Security Systems

Patients everywhere would probably be surprised to learn just how vulnerable their medical records are. While most people are likely to think that their hospital is doing a fantastic job of keeping their sensitive medical and health data safe, the uptick in hackers that use so-called “ransomware” paints an entirely different story. The criminals use this ransomware to encrypt patient files before demanding payouts for their safe return.

Hospital Security

Why Are Hospitals Vulnerable?

Though it is not completely clear why hospitals are the targets of these hackers, there is speculation that it is because they are an easy mark. In spite of the massive amounts of data that hospitals are required to obtain electronically, it is likely that their cyberprotection efforts have not kept pace with this influx of information. Even more startling is that hospitals do not typically have backup systems for their electronic data in place, nor do they have backup databases. This lack of preparation makes these institutions particularly vulnerable to attacks of this nature and could potentially put the lives of their patients in danger as well.

Solutions for Hospitals

While it is important to acknowledge that no security system is foolproof at keeping would-be hackers at bay, hospitals can make it more difficult for these thieves to gain access to their records. Most hackers want easy access to their victims and will go elsewhere to perform their dirty work if it is too difficult to worm their way inside a system. Hospitals can take advantage of this hacker mindset by implementing the following strategies with the help of an experienced IT company:

  • Implement backup systems that include regular instances of both patching and updating
  • Disaster recovery policies need to be put into place that enable a backup system to be used in the event that a catastrophic event occurs with the primary one
  • An authentication system that includes multiple factors
  • Encrypting all data — both while it is in transit and during the time period that it is being stored
  • “Air-gapping,” or keeping vital network parts physically separate so the spread of these types of attacks can be limited
  • Employees need to be trained in dealing with phishing attempts and other scams
  • Computers that are accessible to the public need to be secured

Looking for a reliable IT support partner in Mansfield that will protect your hospital’s patient records against potential attacks? We can help! Give Spade Technology a call at (508) 332-4849 or drop us an email at info@spadetechnology.com.