Dive Brief:
- FirstHealth of the Carolinas blamed a new strain of the WannaCry virus for system disruptions that began Oct. 17 and continued throughout last week.
- On identifying the threat, FirstHealth shut down its network and did a security check of more than 4,000 devices and more than 100 locations connected to the network.
- No patient information was breached and no damage was done to the network or devices, according to a notice on FirstHealth’s website in which the system credited a quick response for limiting damage. The Pinehurst, N.C.-based health system serves 15 counties across the state.
Dive Insight:
The ensuing downtime caused some delays and appointment cancellations, but did not affect emergency care.
“This virus was a new form of the WannaCry virus,” the notice says. “An anti-virus patch has been developed specifically for this virus and is being implemented throughout the FirstHealth system. This patch will be added to antivirus software available for others in the industry to apply to their systems.”
With a slew of cyber and ransomware attacks hitting hospitals in recent years, and new breaches like the massive WannaCry attack that occurred in May, healthcare organizations are ramping up their cybersecurity programs.
Of 126 IT leaders recently surveyed by HIMSS, 71% said their organization budgets for cybersecurity and 60% of those said cybersecurity accounts for 3% or more of the overall budget. Eight in 10 respondents said their organization has a dedicated cybersecurity staff and six in 10 said they have a security officer in the C-suite. About 75% also reported having some form of insider threat management program.
In June, an HHS task force said healthcare cybersecurity is in “critical condition” and called on the government to take a stronger lead in helping healthcare organizations bolster their cybersecurity. The 88-page report noted that while industry is working to update IT systems and protect patient data, many organizations lack the infrastructure to identify and track threats, analyze data and act on results.
Data breaches cost providers on average $2.2 million each and cost their business associates $1 million, according to the Ponemon Institute, which estimates the overall cost to the industry at about $6.2 billion. A recent analysis by McAfee Labs found nearly 723 million malware samples in the past year, a 23% rise from the previous year. New ransomware samples increased by 47% to 10.7 million.
“Today, the reality of breaches means you need to be assuming a breach in your environment at all stages,” Vincent Weafer, vice president of cybersecurity at McAfee, said in a recent interview with Healthcare Dive.
Weafer encourages organizations to regularly update their firewalls and web gateways and to actively track domain name system (DNS) requests, which can help detect a cybercriminal’s command-and-control activity. He also recommends creating early warning traps and using “sandbox” technologies to filter and screen threat information, and he urges organizations to hone their response skills by conducting attack simulations.