Call us: 605-389-7229

Nursing Home Patients at Risk After Ransomware Attack

11/27/2019

 

Nursing Home Patients at Risk After Ransomware Attack

FROM THE MEDIA: Milwaukee, Wisc.-based IT services firm Virtual Care Provider Inc. (VCPI) suffered a Ryuk ransomware attack on Nov. 17, 2019, that has affected its billing, payroll systems, and all client data, and prevented access to patient records. According to reports, those behind the attack also hit VCPI with a $14 million USD ransom demand in order to prevent the destruction of all the company's data. According to VCPI CEO Karen Christianson, "We've got some facilities where the nurses can't get the drugs updated and the order put in so the drugs can arrive on time. In another case, we have this one small assisted living place that is just a single unit that connects to billing. And if they don't get their billing into Medicaid by December 5, they close their doors. Seniors that don't have family to go to are then done." VCPI is said to manage as many as 80,000 endpoints and servers for its customers and provides cloud hosting, IT managed services, and cyber security for as many as 110 acute care facilities and nursing homes.

ANALYST COMMENT:  Malicious actors who specialize in ransomware attacks have continued to target organizations across diverse industries and geographic regions. Organizations providing critical services such as hospitals and nursing homes, as well as other organizations that provide non-medical but crucial services to these entities, are especially vulnerable to the impact of ransomware, which may make them more likely to pay a ransom. Operators of ransomware have conducted multiple operations targeting organizations within the medical industry in recent months, including University Hospital Center in Rouen, France, Alabama's DCH Regional Medical Center, Northport Medical Center, and Fayette Medical Center, and Cabrini Hospital in Malvern, Australia, demonstrating heightened interest among malicious actors in targeting organizations within this industry. Moreover, security researchers reported that there have been hundreds of such attacks in 2019. There are a number of processes and controls that organizations can implement to limit the impact of ransomware incidents, including the segmentation of critical networks, offsite storage of data backups, and the implementation of multi-factor authentication on remote access systems. Media on-target.

Read The Story:   InfoSecurity Magazine  

SOURCE: FireEye News Analysis 27 November 2019