There has been a sharp uptick in the number of ransomware and other cyberattacks within the past several months. These attacks range from minor inconveniences to those which risk the lives of thousands of people.
Operation of health care facilities crippled by cyber attacks
Within the past week, Universal Health Services Inc., a provider of healthcare services and the owner and operator of hundreds of hospitals and other healthcare facilities across the United States, was reduced to using pen and paper in order to provide healthcare to its patients. The company was forced to disable various systems, including critical networks used for patient medical records, in an effort to contain the effects of the attack. Although the company has not made an official statement, off-the-record sources reported that UHS was the subject of a complex ransomware attack of unknown origin.
With the increase in this sort of criminal activity, the targets of these attacks are by no means limited to healthcare companies, or even companies located in the United States. Several European Union countries are on high alert. Hospitals in the Czech Republic were recently targets of similar attacks, with at least one hospital becoming so infected that it was forced to disable its entire network, including critical systems necessary to store and transmit patient laboratory results.
School system data held hostage for ransom
The Clark County Public School District in Las Vegas, Nevada recently experienced similar issues. Hackers downloaded a large amount of sensitive information from the District’s database, including students’ social security numbers and grades, and then encrypted (locked) the District’s servers. The hackers subsequently demanded a ransom in return for unlocking the servers. When the school district did not pay in accordance with the demand, the hackers posted the stolen information on the Internet in retaliation.
Mitigate cyber attack impact through planning and system design
These recent events underscore the need for a robust cyber-security infrastructure and detailed contingency plans in the event a malefactor successfully penetrates your computer systems or networks.
This blog is made available by Goodman Allen Donnelly for general information, and does not constitute legal advice. By reading this blog, you understand that there is no attorney-client relationship between you and the firm. This blog should not be used as a substitute for competent legal advice from a licensed professional attorney in your state.