Main Menu
Cybercriminals are threatening data-extortion plots against the U.S. healthcare system, the FBI and two other federal agencies warned on October 28th. The plots are ransomware cyberattacks designed to lock up hospital information systems, which could lead to data theft and cause significant disruption of patient services as COVID-19 case numbers continue to surge.
At least five American hospitals have been impacted by the cyberattacks this week, and security experts warn that hundreds more may be affected. Experts say that the magnitude of this latest wave of cyber threats is unparalleled, and the cybercriminal group responsible appears to be a Russian-speaking criminal gang.
This latest wave of cyber threats against the U.S. healthcare system is part of a growing trend. A ransomware attack in September slowed all 250 facilities of the Universal Health Services hospital chain. Universal’s doctors and nurses were forced to revert to antiquated recordkeeping methods—the old paper and pencil—while lab work slowed and patient monitoring equipment faltered. So far in 2020, at least 59 U.S. healthcare providers/systems have been affected by ransomware, interfering with patient care at 500+ facilities.
If you find yourself a victim of a ransomware plot, whether in healthcare or not, here are some guidelines to help weather the attack:
Even before you become a victim to ransomware, there are measures to take that will mitigate the possibility of being infiltrated. Besides working with outside counsel to plan and prepare for the steps above, you should consider doing the following:
Please feel free to speak with your contact or anyone at Procopio if you would like assistance with implementing the recommended measures, improving your existing plans, or if you have been subject to a ransomware attack.
Elaine focuses on representing clients in privacy and data security matters, including litigating claims involving privacy issues, helping clients manage emerging risks and conduct privacy risk assessments, and advising on regulatory and compliance issues. She has been involved in numerous trials, as well as arbitration proceedings, related to contract and general business disputes, trade secret matters, complex unfair competition and business practice claims, and professional liability. Elaine has earned the ANSI-accredited Certified Information Privacy Professional/United States (CIPP/US) and the Certified Information Privacy Manager (CIPM) credentials through the International Association of Privacy Professionals (IAPP), and is the leader of Procopio’s Privacy and Cybersecurity practice and the firm’s Privacy Officer.
Elaine focuses on representing clients in privacy and data security matters, including litigating claims involving privacy issues, helping clients manage emerging risks and conduct privacy risk assessments, and advising on regulatory and compliance issues. She has been involved in numerous trials, as well as arbitration proceedings, related to contract and general business disputes, trade secret matters, complex unfair competition and business practice claims, and professional liability. Elaine has earned the ANSI-accredited Certified Information Privacy Professional/United States (CIPP/US) and the Certified Information Privacy Manager (CIPM) credentials through the International Association of Privacy Professionals (IAPP), and is the leader of Procopio’s Privacy and Cybersecurity practice and the firm’s Privacy Officer.
Patrick Ross, Senior Manager of Marketing & Communications
EmailP: 619.906.5740
Suzie Jayyusi, Events Planner
EmailP: 619.525.3818
