Caregivers Cut Off

Ransomware Strikes Senior Living

By Nik Edlinger on Dec 30, 2019 in News, Technology

As technology advances, crime keeps pace. Modern lawbreakers can now hold lives hostage from afar.

It’s all because of type of malicious software called ransomware. These programs are designed to lock down computers and data until a monetary demand is paid. When these viruses first cropped up, they generally targeted users indiscriminately by casting a wide net of spam emails and infected links, waiting for an unsuspecting web surfer to bite. Your computer would freeze, or your data would disappear under encryption, and you’d be treated to a pop-up asking you to pay up.

But cyber criminals have gotten more sophisticated with their methodology just as the technology itself has evolved. These hackers now increasingly target health care organizations for their vast wealth of confidential medical records, which can be sold on the dark web for up to $1,000 each.

At the same time, the attackers can deny access to the health care organization’s systems, including their electronic health records and medical administration solutions. This can have huge consequences for caregiving. Since most health organizations now rely on tablet-based charts, staff are left without medical histories and care plans to ensure proper treatment, putting their patients’ lives at risk.

Long-term care under attack

Hospitals aren’t the only care facilities affected by ransomware. Criminals have begun targeting businesses who handle the IT service needs for smaller organizations in health care – including senior living providers. This way, hackers can infiltrate hundreds of client businesses from a single breach.

It’s what recently happened to Virtual Care Provider Inc, based out of Milwaukee, Wisconsin. On November 17, a criminal group encrypted the data of their entire customer base: 110 skilled nursing and acute care providers in 45 states.

Resident records were locked, internet access blocked and medication orders stopped. “We’ve got some facilities where the nurses can’t get the drugs updated and the order put in so the drugs can arrive on time,” VCPI CEO Karen Christianson told cybersecurity journalist Brian Krebs. VPCI’s couldn’t even pay their own employees.

“We have employees asking when we’re going to make payroll,” said Christianson. “But right now all we’re dealing with is getting electronic medical records back up and life-threatening situations handled first.”

The asking price for the decryption key? A tidy $14 million in bitcoin. VCPI declined to pay.

The familiar but effective modus operandi

Security experts say the most likely pathway for the hackers to gain access was through a phishing email. The larger the organization and IT department, the less likely it is for there to be software vulnerabilities available to exploit, since issues like these are routinely addressed and patched by the security team. So for cyber criminals looking to score big, the only option is to dupe inattentive employees.

Phishing emails are spam emails made to look like a trusted source to fool people into opening a booby-trapped attachment. This file then initiates a malware download. The emails themselves can be quite convincing. Many mimic invoices or shipment-related notices, and sometimes they’re personalized to appear as though they come from an actual leader in the company.

Once the hackers are in the corporate system, it can be months and months until they launch a takeover. In the case of VCPI, officials believe the company may have been breached as far back as September 2018. The attackers then slowly spread over every part of the network and eventually gained administrator access. After that, “it’s game over,” said Krebs.

How to protect your own organization

Our partners over at LeadingAge’s Center for Aging Services Technologies have compiled tons of information for senior living managers who wish to mitigate their security risk. The resources can also guide you on what to do if your organization ever suffers an attack.

View CAST’s cybersecurity resources

We’ve recently updated our own Senior Living Data Security white paper with new data on cyber threats affecting the care provider landscape. To top it off, we discuss the most common vulnerabilities and offer recommendations for how to address them.

Get your copy of the Senior Living Data Security white paper