Skip to main content

Ransomware Heavily Targeting Health Care Companies

By September 2, 2016May 25th, 2021Blog, Cybersecurity

rsz_1ransomeware_heavilyYou’ve probably seen the headlines. This year, hardly a week goes by that there isn’t a report of a company in some way connected to the health care industry falling victim to ransomware. If you think it feels like they’re being specifically targeted, you’re not imagining things.

According to the latest research by FireEye, hackers are specifically targeting health care companies, and they’re going after them with ransomware. The reason? Most health care providers deal in time critical information in a way that many other industries do not. The thinking is that these companies will pay the ransom more readily to get their files back, than to go through the often onerous process of restoring files from backup.

So far at least, it appears that the hackers are right.

There’s more. FireEye has also determined that phishing emails are the weapon of choice where hackers are concerned. They’ll send out a barrage of emails, hoping that some unsuspecting user will click on the link embedded in the message, and that’s all it takes.

On a more technical note, FireEye also discovered that hackers are migrating away from the JavaScript form of their favorite ransomware, Locky. Instead, they’re increasingly using Microsoft Word .docm files attached to email messages. These are functionally similar to .docx Word files, but they can be used to execute macros. In this case, the macro executed is the kiss of death, at least where files on the target computer are concerned.

Put this information to use no matter what industry you’re in, and especially if you’re in any way involved with health care. Be sure that your employees understand the risks involved in even opening a message from an unknown, untrusted source, much less clicking on a link or opening a file it might contain. All it takes is one user, and one careless moment.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.