Campus alert status is green: For the latest UMMS campus alert status, news and resources, visit umassmed.edu/coronavirus

Search Close Search
Page Menu

Information Technology Blog

New Wave of Ransomware Impacting U.S. Hospitals

Thursday, October 29, 2020
|

ransomware-it-blog.jpg

What is Ransomware? How to Protect Against Ransomware

The FBI is investigating dozens of ransomware attacks launched by suspected Eastern European hackers that targeted U.S. hospitals, media reported Wednesday October 29, 2020.

Federal authorities said the recent attacks include incidents in Oregon, California, and New York, according to cybersecurity consultants familiar with the matter.

The attacks seem to be a coordinated effort designed to disrupt hospitals around the country. In the past, ransomware infections at hospitals have downed patient record-keeping databases, which critically store up-to-date medical information, affecting hospitals' ability to provide healthcare.

Much like hospitals, UMass Medical School is routinely targeted by cyber-criminals and shares close ties with UMass Memorial Health Center.

What is Ransomware?

Ransomware is a form of malware that targets critical data and systems for the purpose of extortion. Ransomware is frequently delivered through Phishing emails. After the initial infection, the ransomware attempts to spread to shared storage drives and other accessible systems. After the user has been locked out of the data or system, the cyber-criminal demands a ransom payment.

Ransomware targets home users, businesses, and government networks and can lead to temporary or permanent loss of sensitive or proprietary information, disruption to regular operations, financial losses incurred to restore systems and files, and potential harm to an organization’s reputation.

Ransomware may direct a user to click on a link to pay a ransom; however, the link is typically malicious and could lead to additional malware infections. Some ransomware variants display intimidating messages, such as:

“Your computer was used to visit websites with illegal content. To unlock your computer, you must pay a $100 fine.”

“You only have 96 hours to submit the payment. If you do not send money within provided time, all your files will be permanently encrypted and no one will be able to recover them.”

How to protect yourself against Ransomware

Be Aware of Phishing and Spear-Phishing Emails

The vast majority of Ransomware attacks are generated through Phishing scams.

Scammers use email to trick you into clicking on a malicious link or attachment. They also may request your personal or banking information. Spear-Phishing is when cyber-criminals have a little bit of information about you such as where you work or your job title and send you an email that appears to be legitimate and specific to your job.

Phishing emails messages may look like they’re from a company you know or trust. They may look like they’re from a business collaborator, a bank, a credit card company, a social networking site, an online payment website or app, or an online store.

Phishing emails often tell a story to trick you into clicking on a link or opening an attachment. They may

  • say they’ve noticed some suspicious activity or log-in attempts
  • ask you to validate an invoice
  • claim there’s a problem with your account or your payment information
  • say you must confirm some personal information
  • include a fake invoice
  • want you to click on a link to make a payment
  • say you’re eligible to register for a government refund

If you suspect that you have received a Phishing or Spear-Phishing email, please send an email to the IT Help Desk.

Use Only UMMS email addresses when conducting Medical School business. The Medical School has sophisticated email security systems that work to protect us from cyber-criminals and malware such as ransomware. The use of personal email providers for Medical School business often circumvents these tools and may not possess the same level of security.

Make sure that your data is not stored on your laptop or desktop’s local hard drive. Critical data should be stored in the UMMS Data Center or on approved secure Cloud Provider storage. If you are impacted by Ransomware, the best defense after the fact is to have a reliable back-up of your data. The Medical School provides multiple secure storage facilities where data can be quickly recovered if necessary. Here is information on how to utilize UMMS secure storage.  If you need help setting your secure storage up, please email the IT Help Desk and a technician will setup time with you.

Blog Topic: