Cyber-attacks and the healthcare industry are two words we would rather not see used in the same sentence. When we think of cyber-attacks, this can mean several different things. The term ‘cyber-attack’ can be defined as both a successful, and unsuccessful, attempt at gaining access to any type of information online in an unauthorized way.
In this case, we will be looking at ‘ransomware’, which is a type of malicious code used in a cybercrime or cyber-attack. Most businesses have some sort of protection from cyber-attacks, large ones usually have a dedicated security task force. For smaller businesses, it is recommended that they continuously strengthen their knowledge of cybersecurity.
The healthcare industry has been targeted for several reasons and is not entirely safe at the moment, with constant news of international hacking in order to blackmail, steal data or disrupt communications. Especially now during the pandemic, with economies crushed and geopolitical tensions peaking between certain countries, security and intelligence agencies around the world are registering an increased amount of malicious cyber-attacks.
What is Cyber crime
The word cyber comes from ‘cybernetics’, a term that points to futuristic advancements such as computer science. Cybercrime is a term that has existed since communications began, from the telephone and on wards to any device that was able to communicate information. Anyone able to gain access in an unauthorized manner into communications systems is basically committing a cybercrime. The cybercrime timeline is fascinating, The Herjavec Group blog has posted a great example detailing a history of cybercrime since the beginnings of communication. Cybercrime exclusively means activities that criminals engage in in order to gain entry into a network, computer or any device according to Kaspersky.
In 1981, Ian Murphy hacked into the AT&T network and was then convicted of a cybercrime. He gained access to an internal clock and changed it so that he could charge higher rates for a service. As simple as this sounds, it was a big deal at the time and hackers as they are known today did not exist. Ian was one of the pioneers.
Today, with so many platforms, big data and digital channels available, cybercrimes are behind every corner. Hackers are not singularly focused, but multi-channel. Businesses and organizations operating online with sensitive and financial information published are at risk, cybercrime is flourishing and innovating itself every day.
Ethics And Cybercrime
What does internet ethics teach us about cybercrime? If we think about ethics and what it entails, we can see that there are quite a few aspects to touch on. Ethics and the internet are a complicated subject, which can hover between subjectivity and objectivity. The internet, especially today, touches our lives in many ways and a lot of us are dependent on it mentally and existentially.
We can briefly mention a few red flags regarding cybercrime, in order to get a general overview. The big issues on the internet today are big data, and privacy. The question of ethics here is trust and surveillance. Most people would not agree that we have a fair (ethical) internet, because of mass data storage, surveillance and the constant fear of being secure online. We also do not trust what is happening with our data, exactly because of the slew of cybercrime and malware news that we constantly hear.
The same goes for big data. Big data today is an integral part of search engines and IT companies that are collecting as much data as possible in order to implement the findings into AI, for example. The message is that this will make our lives easier, but at what cost and does anyone guarantee how your data will be used on the World Wide Web jungle?
Ransomware is malicious code designed to enter systems in order to access files and take them over, so that the user does not have access to them. Variations of ransomware have existed since the early 90s, typically in the form of a Trojan. Hence the word, ‘ransom’. Used in blackmail tactics, the stolen files are encrypted and are only given back in exchange for something.
Ransomware today is a different beast, as everything has advanced. The ability of ransomware to evade detection, high-level encryption not to mention the channels it is able to spread through is staggering. For businesses and individuals alike, it has become one of the most feared types of cyber-attack today. Ransomware attacks in the healthcare industry have been especially difficult.
Ransomware Is Infecting The Healthcare Industry
Ransomware is defined as a term under cryptovirology, which sounds biological. This is because they are very similar in how they work. Ransomware software (or malware in general, the umbrella term) functions like a real biological virus. It attacks via entry points called vectors, exploits weaknesses, gains access and seizes the target (think of files as blood cells or DNA).
With healthcare research and the pandemic upon us, hackers utilizing ransomware have been at it. Attacks range from hackers targeting medical giants and impersonating medical experts, to hijacking vaccine supply chains intended for developed countries during the pandemic. In terms of the healthcare industry, hackers have found an excellent source of ransom money. By targeting patient care files, as well as research and vaccine data they can potentially blackmail the company into paying them.
According to the Office of Civil Rights (OCR), around 40 million patients have been affected in hospitals worldwide due to data breaches, frauds and malicious code attacks. It would be wise for hospitals and health organizations to develop their relationships with ethical hackers. In this instance, hiring a hacker is the best way to stop another hacker. An ethical hacker can educate medical IT teams on what may happen, how malicious hackers think and prevent many future tragedies.
We now live in a world where people are distanced and close their curtains instead of keeping them open. Ransomware and similar malicious software have caused a lot of mistrust. People are scared and extremely cautious. Hacking has frustrated and tired out the business sector. So, it is important that we stay safe and prepare properly. It is wise to back up your data, use a VPN and get the proper IT training in accordance with the times we live in.
Author Bio : David Janssen is the founder and managing director of the Internet Privacy Initiative. With an international team of privacy advocates and cybersecurity researchers, he runs a range of cybersecurity websites and strives to make technical topics accessible and understandable for the common man.