Ransomware Attacks Hit Health Care Organizations

On May 12, 2017, multiple health care organizations throughout the world reported widespread “ransomware” attacks against their computer systems, many of which house protected health information (PHI). According to several reports, the cyber-attack has affected as many as 150 countries and infected 300,000 targets, including hospitals, universities and government agencies. Ransomware can be delivered via a link within or as an attachment to an email. If opened, these links or attachments take the recipient directly to a malicious website that a hacker can use to gain access to the system and place malware. If infected, the computer’s hard drive is encrypted and locks the user out of computer files, including PHI. Hackers then demand a ransom in order to regain access to the system, and in some cases, threaten to delete the information altogether if their demands are not met.

The Department of Homeland Security, as well as other government agencies, has advised affected and at risk entities not to click on suspicious or unknown links and to only open emails from known individuals from whom emails are expected. Organizations are also urged to keep malware prevention and anti-virus protection up to date. For more information about these ransomware attacks and how to protect your organization from becoming a victim, please see the links below:

• Department of Homeland Security Statement on Attacks
• Indicators Associated with WannaCry Ransomware
• Office of Civil Rights FACT SHEET: Ransomware and HIPAA
• How to Protect Your Networks from Ransomware
• If you are a victim of ransomware or have cyber threat indicators, contact your local FBI Field Office.