HealthcareInfoSecurity reported recent cyberattacks on medical centers in California and Las Vegas that have potentially compromised protected information of thousands of individuals. The publication turned to privacy, cybersecurity and data strategy counsel Jason G. Weiss for insight on ransomware attacks in the industry.
“As long as threat actors continue to be successful with these type of attacks, not only will they not end, but they will continue to grow and become more prominent, more serious and more intrusive,” shared Weiss. “The time to act is now,” he said.
Weiss also discussed ransom demands, noting that “the lack of a ‘ransom note’ does not mean that there was no ransomware attack per se.” There are many cases in which victims inadvertently destroy a ransom note when trying to restore their system or do not find a ransom note because some type of automated software potentially removed or destroyed it, he explained.
A ransom note cannot be used to determine whether data was stolen or copied, unless it clearly said that was the case, as is usual in many ransomware cases, Weiss highlighted.
Weiss added that he does not believe attacks on the health care sector will wane soon, saying “It appears that the healthcare industry remains under constant assault from threat actors around the world. It is time for the healthcare industry to become far more proactive to the threat of cyberattack and realize it is not ʻif’ they will be attacked, but ‘when.’”