Healthcare
organizations
must
be
wary
of
cybercriminals
exploiting
a
software
vulnerability
called
MOVEit.
The
Cybersecurity
and
Infrastructure
Security
Agency
issued
an
alert
this
month
warning
health
systems
about
this
vulnerability
—
the
alert
stated
that
Clop,
a
Russian
ransomware
gang
known
for
going
after
healthcare
providers,
has
been
exploiting
MOVEit.
Johns
Hopkins
University
and
its
health
system
were
recently
victims
of
a
data
breach
caused
by
hackers
targeting
this
vulnerability,
as
was
Texas-based
Harris
Health
System.
Johns
Hopkins
said
that
hackers
may
have
accessed
patients’
sensitive
personal
and
financial
information
during
the
attack,
including
names,
contact
information
and
health
billing
records.
The
health
system
also
said
that
the
cyberattack
“impacted
thousands
of
large
organizations
around
the
world.”
MOVEit
is
a
commonly
used
piece
of
software
that
allows
organizations
to
transfer
data
between
various
systems
and
networks.
Clop
found
a
vulnerability
in
the
software
before
most
organizations
could
update
it,
according
to
the
federal
government’s
alert.
Ransomware
attacks
can
be
“disastrous”
for
health
systems,
said
Aaron
Mendes,
CEO
and
co-founder
of
data
privacy
platform
PrivacyHawk,
in
a
recent
interview.
These
attacks
can
make
a
hospital’s
systems
go
offline,
force
clinicians
to
revert
to
paper
records
and
delay
patient
care.
“If
a
ransomware
attack
is
successful,
there’s
not
a
great
way
to
undo
the
damage
without
paying
the
ransom
most
of
the
time.
You
end
up
just
paying
the
ransom,
unfortunately.
And
then
[the
hackers]
unlock
your
systems
and
you
have
to
try
to
figure
out
how
they
got
it
and
then
put
things
in
place
to
try
to
prevent
it
from
happening
in
the
future,”
he
explained.
It’s
difficult
to
get
data
on
the
dollar
amounts
that
ransomware
gangs
typically
demand
because
hospitals
usually
don’t
disclose
this
information,
but
Mendes
said
these
sums
certainly
“aren’t
insignificant
amounts
of
money.”
According
to
him,
some
cybercriminal
groups
ask
for
millions
or
tens
of
millions
of
dollars.
He
noted
that
cyberattacks
often
lead
to
data
theft
—
when
hackers
steal
healthcare
records,
patients’
personal
and
medical
information
could
end
up
on
the
dark
web
or
public
web.
Cybercriminals
use
this
data
for
a
number
of
purposes,
including
blackmail,
extortion,
identity
fraud,
impersonation
and
doxing,
Mendes
explained.
Cyberattacks
also
create
a
major
legal
liability
for
healthcare
providers,
he
added.
“If
you
have
a
ransomware
attack
or
a
breach,
you’re
going
to
get
sued.
It’s
a
major
legal
risk,
and
those
class
action
lawsuits
are
extremely
expensive.
Unfortunately,
the
individual
patients
don’t
get
very
much
—
it’s
usually
the
lawyers
that
make
a
third
of
the
money,”
Mendes
declared.
In
his
view,
health
system
cyberattacks
aren’t
proliferating
because
hospitals
are
ignoring
security
protocols
—
they’re
happening
because
hackers
are
really
talented
at
their
jobs.
Most
hospitals
are
aware
that
hackers
are
posing
a
major
threat
to
the
sector
and
are
taking
precautions,
but
it’s
hard
for
them
to
protect
themselves
when
they
employ
thousands
of
people,
Mendes
pointed
out.
It
only
takes
one
human
mistake
to
give
a
hacker
access
to
a
hospital’s
systems,
he
said.
“Hackers
only
need
to
succeed
one
out
of
a
thousand
times
to
successfully
breach.
They
might
send
out
500
phishing
emails,
and
it
only
takes
one
click
to
give
them
the
access
that
they
want.
It’s
just
a
really,
really
hard
problem
to
make
100%
bulletproof,”
Mendes
declared.
Photo:
anyaberkut,
Getty
Images