AT LEAST 48 HOSPITALS, PHYSICIANS’ OFFICES, and ambulance companies in Britain’s National Health Service were among the many victims of a cyberattack Friday that affected tens of thousands of computers in as many as 150 countries, The New York Times reported. Hackers used malicious software developed by and stolen from the U.S. National Security Agency, the Times added.
This attack is a warning to clinical laboratories and anatomic pathology groups that they should take steps to protect their information systems from ransomware and cyberattacks.
On Friday, ransomware infections encrypted documents, files and databases of victims and demanded an immediate payment in order for victims to regain access to their files. One news report said the ransom was $300 per machine, to be paid via Bitcoin.
UK Hospitals Hit Hardest
In the United Kingdom, a number of healthcare organizations were victims of the attack. “Thousands of operations at National Health Service facilities were canceled Friday, ambulances were diverted from affected hospitals, and patients waiting for routine outpatient appointments and even chemotherapy treatment were told that their records could not be accessed and they would have to go home,” The Los Angeles Times reported.
By Saturday, the NHS said most of its health centers were back in operation. But at least six sites had not regained access to their data and files.
Most Attacks Go Unreported
The ransomware infections were extraordinary because of the great number of computers affected in one day across the globe. Such attacks happen regularly and often go unreported.
The Guardian explained that ransomware has hit UK hospitals regularly for some time. In February, a report showed that ransomware hit 88 of the UK’s 260 NHS trusts from the middle of 2015 through the end of last year. Imperial College Healthcare suffered 19 attacks in 12 months.
After one-third of the UK’s hospital trusts were attacked in 18 months, some experts asserted that the NHS hospitals were attractive targets for this form of computer crime.
More Funding Required
The experts said the NHS has failed to provide its hospitals with the necessary funds to keep IT systems updated—and thus more protected from cyberattacks.
These facts are useful for pathologists and lab administrators seeking to keep their lab’s IT systems secure. Hospitals in the UK may be more vulnerable to cyberattacks than US hospitals because American hospitals and labs invest more money in computer security and are more diligent about updating software to repel such cyberattacks.
Hackers Go ‘Phishing’
To defend against these attacks, clinical labs and pathology groups need to remind employees to be vigilant about opening email messages from unknown sources. Friday’s ransomware attacks began with what are called “phishing” email messages in which recipients are fooled into clicking on phony links.
“In some cases, the malware was delivered in spam emails,” The Washington Post explained. “Once one computer in a system was infected, the malware spread to other machines on the same network.”
The ransomware attackers reportedly used a vulnerability in computers running the Microsoft Windows operating system. Once a user clicked a link, the attacker would deliver files that encrypt the user’s data. Microsoft was reported to have patched the software.
Once a system was hit, the user could not access the data until paying a ransom, said to be $300 to start. Over time, the ransom demand rose because the hackers designed the malware to increase the amount on a set schedule and threatened to erase the data after a predetermined cutoff time. These steps raised the urgency of the attack and increased the likelihood that victims would pay, the Times reported. Computers that were not backed up were said to be the most vulnerable.
Expect More Cyberattacks
Some experts believe that the ransomware attacks that took place on Friday will generate $1 billion in payments to the cyber thieves. Since these crimes are low risk with a high return, lab executives and pathologists should expect to see ongoing attacks upon their labs’ computer systems.
Medical Labs Are Targets Of Cyberattacks, Ransomware
CYBERATTACKS ON MEDICAL LABORATORIES have major consequences, not least because any lab that is attacked must typically go to manual ordering and reporting to maintain testing services. Often, what makes a clinical lab or pathology group vulnerable to a cyberattack is that it continues to run older software on its computer systems. Some cyberattacks are reported to be directed at organizations that run the outdated Microsoft Windows XP operating system.
In January 2016, the medical laboratory at the Royal Melbourne Hospital in Australia found that a computer virus had shut down its system, which ran on Windows XP. To maintain clinical services, the lab staff was forced to use paper-based methods, among other solutions.
After crippling the pathology department, the computer virus then spread throughout the Royal Melbourne Hospital by targeting computers running Windows XP. At that time, the operating system had been in use for 14 years. Microsoft no longer supports Windows XP.
Just weeks later, in March 2016, MedStar Health in Washington, D.C., acknowledged that a ransomware cyberattack forced it to shut down computers at 10 hospitals. At the time, The Washington Post reported that computer screens at MedStar were showing a message demanding payment of 45 Bitcoin, approximately $19,000, in exchange for a digital key to unlock the data.
A MedStar physician stated that the criminals gave MedStar employees the option of paying 3 Bitcoins ($1,250) for a key to access one of the locked computers, The Baltimore Sun reported.
IT experts regularly advise that the best defense against cyberattacks is to keep all computer systems up-to-date by installing patches and upgrades regularly.