Ruminations

Blog dedicated primarily to randomly selected news items; comments reflecting personal perceptions

Saturday, September 02, 2017

Malware and Ransom of Medical Records

"The doctors are under attack. We are getting physicians on a regular basis saying, 'I have a computer, I got locked out, I have ransomware'."
"They've been asked to pay in bitcoin. They're asking us, 'Should I pay it'?"
Dr. Dennis Desai, physician-adviser, Canadian Medical Protective Association (CMPA)
No Canadian hospital -- as opposed to a doctor's office -- has yet made a public admission that they have become a victim of ransomware, their computer systems with invaluable and private patient records falling victim to cyberattack through malware, finding themselves locked out of their source of record-keeping and maintenance, and faced with the prospect of having to shut down operations unless they surrender to the demands of Internet pirates.
"There have been some hospitals that have been attacked and have paid ransom in bitcoin, in Canada."
"It was the Wannacry kind of event ... It's not individual patient files; they lock up everybody."
Bill Tholl, chair, federal committee on cybersecurity and critical infrastructure


This week the CMPA, the agency whose purpose it is to provide liability coverage for Canadian doctors, published an article to make doctors aware of this growing problem of computer system attacks. It urges member-physicians to make certain they maintain robust backup systems, to take urgent steps to guard against infection through computer viruses and, above all, to refuse to pay ransom should they be targeted.

The problem is a real one, and it is a growing phenomenon of some urgency. One expert has estimated that the number of ransomware attacks perpetrated on this target audience has risen by 600 percent in the past year alone, according to Mr. Tholl, previously CEO of HealthCareCan, an entity which represents hospitals and allied medical facilities. The reason is that sensitive medical data has become a prime focus, more so even than efforts to bog down banking enterprises.

The simple reality now appears to be that hackers repeatedly target Canadian doctors with their ransomware and in so doing render their computer systems with their thousands of critical and sensitive medical records hostage, impeding the normal care of patients. Once the situation has been settled it takes days for medical offices to restore their systems from their backup sites. In the process the potential for loss of crucial data looms.

Physicians are hard put to ensure that nothing is missing in their patients' history when health issues are being diagnosed. Ontario's privacy commissioner office has received ten reports of such ransomware attacks on medical clinics or doctors' offices since 2016, recognizing it as an "increasingly dangerous" threat to the security of health records.

A cyber gang - called Shadow Brokers - is being blamed for the hack Credit: Reuters

When computers are frozen by encrypting data, the anonymous attackers demand payment, most often in bitcoin, before they will unlock the files. The notorious Wannacry virus struck 15 hospitals in Britain's National Health Service, forcing them to shut down some of their operations. Two major health facilities in the United States were similarly struck by such attacks; computers at Erie County Medical Center in Buffalo went down for six weeks while the authorities there refused to pay the demand of $44,000 in bitcoin to free the computers.

To the present, according to cybersecurity consultant Kevin Magee, Canadian hospitals have managed to evade the problems that assailed hospitals in Britain and the U.S., crediting their more disciplined approach to installing security patches in protection against malware. Cyber criminals, however, were encouraged by their success in pursuing health-care institutions for ransom; when lives are endangered, desperate efforts to regain control of critical files have led to the ransom being paid.

Over 70 percent of physicians have engaged with electronic medical records. The absence of that critical data for even a few days while the computers are being forcibly locked down spells a huge problem for health practitioners, when computer systems cover all record-keeping from appointment schedules to detailed patient charts.
