Many emergency and routine health services at a 90-bed hospital in Gillette came to an abrupt stop Sept. 20 when the facility’s 1,500 computer systems were disabled by a cyberattack.
It took nearly 18 days for Campbell County Memorial Hospital to come fully back online and reschedule hundreds of cancelled appointments, and the investigation into how the hospital fell victim to the attack is ongoing.
Hospital administrators identified the attack as ransomware, a type of computer virus that blocks access to data or threatens to publish data unless a ransom is paid.
“CCH is not the first organization, hospital or otherwise, to be hit with a ransomware attack,” said CEO Andy Fitzgerald in a video statement on the hospital’s website. “Every organization is subject to this type of cyber crime. We are not the first and, unfortunately, we won’t be the last to experience this type of crime.”
According to HIPAA Journal, almost half of all ransomware attacks in 2018 involved health-care companies, and those attacks are projected to quadruple by 2020. Cyber criminals target medical facilities because they are low-hanging fruit, and past criminals have experienced a great degree of success.
Patrick Wolfenbarger of Cyber Wyoming (and an independent contributor to the Wyoming Business Report) said governments and hospitals are high-profile targets for hackers because of the type of information they keep, combined with the ongoing, immediate need for services the entities provide. While the inception of the attack in Campbell County has not yet been identified to the public, Wolfenbarger did reveal some known facts about ransomware attacks.
“Generally, when it comes to ransomware, anyone can be a victim,” he said. “These attacks usually target people’s behavior, so it’s not necessarily an analog attack, where they are forcing themselves in to steal from you. It’s about getting people to do things, in most cases.
“The real professionals do research on a business and find out who is in charge of what, and then send them target emails to try to get them to click on a link that’s going to install malware or reveal data,” Wolfenbarger said, adding that preventing a malware attack involves strategy at several different levels.
Precautions to prevent cyber attacks include making and changing strong passwords, shutting down computers at the end of the workday, making sure people with access to system information verify the identity of people they disclose it to, encrypting confidential information, not allowing thumb drives to be plugged into personal computers and backing up data. There’s a laundry list of best practices to keep computer attacks at bay, but none of it is foolproof, and, therefore, no one is immune.
“You don’t need to be a cyber security expert to empower yourself,” Wolfenbarger said. “I think the odds of being attacked go down – way down – if you follow the steps. It’s mostly human behavior that leads to these issues, and there is always a vulnerability, because we are all human.”
“Individuals, as well as organizations, must remain constantly vigilant at home and at work in order not to become a victim of this type of crime,” Fitzgerald agreed. “CCH had strong systems in place before the attack, and we have invested in additional measures, but the threat remains for all of us.”
“I do know they worked very hard to reduce their vulnerabilities because they were a victim of the same kind of attack earlier this decade, and they took it very seriously,” Wolfenbarger said. “For as bad as everything may be, I wonder how much worse it could have been if they didn’t take some of those precautions.”
A layperson’s understanding of hackers usually involves imagery of someone sitting in a room and generating a lot of spam emails. Career criminals can go onto the dark web and purchase software that enables them to do their own phishing attacks without the skills of program writers.
The FBI recommends those attacked with ransomware not pay the ransom, as it can inadvertently encourage this type of crime to continue. Additionally, there’s no guarantee that companies will get back to fully functioning after the ransom is paid.
CCH is working with the Department of Homeland Security and the Wyoming Department of Health to determine how the attack occurred.
“I understand this situation has been frustrating and inconvenient, and I apologize on behalf of the organization,” Fitzgerald said. “Every now and then, you get an opportunity to see what people are made of, and I have been impressed by what I have seen in our workforce.”