Open menu
Gears Icon

Three Steps to System Security

by Akanksha Jayanthi

Becker's Health IT & CIO Review

Article excerpt

To pay or not to pay ransom: A tale of two hospitals

At least five hospitals reported ransomware attacks in the past two months. For two of those hospitals, many of the basics of the incidents were the same — they both declared an internal state of emergency after malware locked them out of their systems.

Our take

Three Steps to System Security

Media reports of hospitals that have been the target of ransomware attacks are increasingly common, but not all incidents occur in the same manner, or result in the same outcome. The chief difference—not all hospitals are forced to pay up or lose access to their systems. Why?

In most cases, according to this article, ransomware attempts do not result in the payment of any ransom. That was the case recently for Methodist Hospital in Henderson, Kentucky. The reason: information systems spotted the threat quickly, immediately shut down the system and activated a back-up. The best defense, according to Mac McMillan with Cynergis Tek, a healthcare security and privacy consulting firm, involves three steps: employee education, scrutiny of the use of person devices at work and an investment in malware threat technology.