Ransomware Attacks in the Healthcare Industry

Authors

  • Aditi Kesarwani North Creek High School
  • Dr. Sarada Prasad Gochhayat

DOI:

https://doi.org/10.47611/jsrhs.v12i4.5799

Keywords:

Cybersecurity, Cyber security, Ransomware Attacks

Abstract

This paper explores the growing problem of ransomware attacks in the healthcare industry. It dives deep into the meaning of ransomware attacks and the basics of the attack such as how hackers gain access to data through the ransomware. Furthermore, this paper specifically focuses on hospitals and patients that are directly affected by the impact of ransomware attacks. This writing also includes information about noteworthy attacks in the health sector that have caught the attention of people around the world and how they were addressed. An aspect of Bitcoin has been added as cyber criminals demand ransom money in this currency from their victims. Lastly, this paper mentions steps that can be taken by hospitals to reduce the risk of getting infected by ransomware or what to do during a ransomware attack, such as having preventative safety measures in place with the use of antivirus software and Artificial Intelligence security systems as well has having a response plan during an attack. Apart from the Information Technology team in hospitals practicing these preventative measures, businesses and individuals should put in the time to implement these precautionary steps to ensure that they aren’t victims of ransomware attacks and that no one can gain access to any of their classified information. This paper was written by the researcher in a limited amount of time and the researcher was not able to conduct any of their own trials.  Hence, all the information and data included has been previously collected from researchers around the world. 

Downloads

Download data is not yet available.

References or Bibliography

Alder, S. (2022). Healthcare ransomware attacks increased by 94% in 2021. HIPAA Journal. https://www.hipaajournal.com/healthcare-ransomware-attacks-increased-by-94-in-2021

Aunger, C. (2022, August 16). Ransomware 101 For Healthcare. Forbes. https://www.forbes.com/sites/forbestechcouncil/2022/08/16/ransomware-101-for-healthcare/?sh=66e0874e5b86

Brush, K., Rosencrance, L., & Cobb, M. (2021). asymmetric cryptography (public key cryptography). Security. https://www.techtarget.com/searchsecurity/definition/asymmetric-cryptography

Collier, R. (2017). NHS ransomware attack spreads worldwide. Canadian Medical Association Journal, 189(22), E786–E787. https://doi.org/10.1503/cmaj.1095434

CVE - CVE-2021-42258. (n.d.). https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42258

CVE - CVE-2022-23714. (n.d.). https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23714

CVE - CVE-2023-30024. (n.d.). https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30024

cve-website. (n.d.-a). https://www.cve.org/About/Overview

cve-website. (n.d.-b). https://www.cve.org/ResourcesSupport/FAQs

Diaz, N. (n.d.). 289 healthcare organizations were impacted by ransomware attacks in 2022. https://www.beckershospitalreview.com/cybersecurity/289-healthcare-organizations-were-impacted-by-ransomware-attacks-in-2022.html#:~:text=The%20largest%20ransomware%20attack%20on,protected%20health%20or%20personal%20information.

IBM Security MAAS360. (n.d.). https://www.ibm.oreacom/products/maas360

Justice Department Seizes and Forfeits Approximately $500,000 from North Korean Ransomware Actors and their Conspirators. (2022). https://www.justice.gov/opa/pr/justice-department-seizes-and-forfeits-approximately-500000-north-korean-ransomware-actors

Kiguolis, U. (2020). Hospital Brno in Czechia hit by a cyberattack during COVID-19 virus crisis. www.2-spyware.com. https://www.2-spyware.com/hospital-brno-in-czechia-hit-by-a-cyberattack-during-the-covid-19-virus-crisis#:~:text=A%20cyber%20attack%20on%20University%20Hospital%20Brno%20in,cyberattack%20in%20the%20middle%20of%20the%20coronavirus%20outbreak.

McKeon, J. (2022,). Responding To a Healthcare Ransomware Attack: A Step-By-Step Guide. HealthITSecurity. https://healthitsecurity.com/features/responding-to-a-healthcare-ransomware-attack-a-step-by-step-guide

Millard, W. B. (2017). Where Bits and Bytes Meet Flesh and Blood - Hospital Responses to Malware Attacks. Retrieved From: https://www.annemergmed.com/article/S0196-0644(17)30891-0/fulltext

https://doi.org/10.1016/j.annemergmed.2017.07.008

Neprash, H. T., McGlave, C. C., Cross, D. A., Virnig, B. A., Puskarich, M. A., Huling, J. D., Rozenshtein, A. Z., &

Nikpay, S. (2022). Trends in ransomware attacks on US hospitals, clinics, and other health care delivery organizations, 2016-2021. JAMA Health Forum, 3(12), e224873. https://doi.org/10.1001/jamahealthforum.2022.4873

Notice of Data Security Incident. (n.d.). Commonspirit. https://www.commonspirit.org/notice-of-data-security-incident

Ojha, H. (n.d.). Anatomy of a ransomware attack. Unodc.org. https://www.unodc.org/roseap/en/2021/10/cybercrime-ransomware-attacks/story.html

Paul, D., Spence, N., Bhardwa, N., & Coustasse, A. (2018). Health Facilities: Another Target for Ransomware Attacks. Management Faculty Research. Retrieved from: https://mds.marshall.edu/cgi/viewcontent.cgi?article=1194&context=mgmt_faculty

Ransomware. (2022,). Federal Bureau of Investigation. https://www.fbi.gov/how-we-can-help-you/safety-resources/scams-and-safety/common-scams-and-crimes/ransomware

Riggi, J. (2020). Ransomware attacks on hospitals have changed | Cybersecurity | Center | AHA. American Hospital Association. https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed

Security QRADAr SIEM | IBM. (n.d.). https://www.ibm.com/products/qradar-siem

The role of AI and ML in ransomware protection. (2023, June 27). Acronis. https://www.acronis.com/en-us/blog/posts/role-of-ai-and-ml-in-ransomware-protection/

The University of Vermont Health Network. (2020). Statement from UVM Health Network on Cyberattack. The University of Vermont Health Network. https://www.uvmhealth.org/news/uvmhn/statement-uvm-health-network-cyberattack

Segendorf, B. (2014). What is Bitcoin? Sveriges Riksbank Economic Review. Retrieved from: www.riksbank.se/en/Press-and-published/Reports/Economic-Review

Targeting the Healthcare and Public Health Sector. (2020, October 28). JOINT CYBERSECURITY ADVISORY Ransomware Activity Retrieved From: https://www.cisa.gov/sites/default/files/publications/AA20-302A_Ransomware%20_Activity_Targeting_the_Healthcare_and_Public_Health_Sector.pdf

U.S. Department of Justice disrupts Hive ransomware variant. (2023, January 26). https://www.justice.gov/opa/pr/us-department-justice-disrupts-hive-ransomware-variant

Weiner, S. (2022). The growing threat of ransomware attacks on hospitals. AAMC. https://www.aamc.org/news/growing-threat-ransomware-attacks-hospitals

What is malware? - Definition and examples. (2023, July 21). Cisco. https://www.cisco.com/site/us/en/products/security/what-is-malware.html

What is ransomware? | Trellix. (n.d.). Trellix. https://www.trellix.com/en-us/security-awareness/ransomware/what-is-ransomware.html#:~:text=Ransomware%20uses%20asymmetric%20encryption.,stored%20on%20the%20attacker's%20server.

Published

11-30-2023

How to Cite

Kesarwani, A., & Gochhayat, S. (2023). Ransomware Attacks in the Healthcare Industry . Journal of Student Research, 12(4). https://doi.org/10.47611/jsrhs.v12i4.5799

Issue

Vol. 12 No. 4 (2023)

Section

HS Review Projects

Copyright (c) 2023 Aditi Kesarwani; Dr. Sarada Prasad Gochhayat

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Copyright holder(s) granted JSR a perpetual, non-exclusive license to distriute & display this article.