Home

About Us

IT Services

Understanding IT

News & Events

Blog

Support

Contact Us

Blog
  • Register

Capstone Works Blog

Capstone Works, Inc. has been serving the Cedar Park area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Austin Cyberattack Proves Just How Disruptive Ransomware Can Be

Austin Cyberattack Proves Just How Disruptive Ransomware Can Be

Earlier this month, a local healthcare system comprising dozens of Austin-based hospitals, clinics, and other facilities suffered a cyberattack. We wanted to share some lessons that local business owners can learn from this situation, because a single attack like this can result in a snowball effect that can end up costing you a lot of time, money, and reputation.

The Story: Ascension Healthcare Network Suffered a Ransomware Attack

On May 8th, the healthcare network Ascension let patients know that they were working “around the clock” in order to restore systems after suffering from some sort of IT outage. Four days later, on the 11th, Ascension updated their patients to let them know that the incident was a ransomware attack.

Since it happened, staff and patients of the massive healthcare network, which has employees and facilities across 19 different states, have been feeling the impact. Care has been much slower than usual, and staff have had to go back to pen and paper to record things.

In an article on KVUE that covered the initial cyberattack a couple of weeks ago, a patient named Adam, who was at a hospital in Round Rock for having a crushed leg with three broken bones in his ankle, said, “Every doctor, PA [physicians assistant] has expressed how frustrating it is. Just, nothing's working, nothing's getting done… It's frustrating and scary and, frankly, I would not have come to this hospital if I knew that this is what I was going to be going through."

I’d hate to be in that situation as a patient—I think we all would—and this is something happening all across the Midwest for hospitals within this particular healthcare system. 

On top of that, since we’re talking about healthcare and medical records, there is a huge risk of data theft and exposure when it comes to cyberattacks. We’ll get to that in a moment. 

How Can a Ransomware Attack Take out a Hospital Network (or Any Business, for that Matter)?

Ransomware is currently one of the most common types of cyberattack. It’s essentially a piece of software that quickly spreads across a single device or network, staking claim to all of the files and data it can. It physically changes all of your data and encrypts it, meaning you lose access to your data. It’s still there on your devices, but it’s inaccessible to you, and you can only get access to it again if you have a big, complex encryption key; essentially a kind of password that the ransomware will then offer to sell to you.

The ransom can vary, but it can be anywhere from hundreds of dollars to hundreds of thousands of dollars. The highest recorded paid ransom sum reported was $40 million. It’s unethical and, in many ways, fruitless to simply pay the ransom, too. If an organization pays the ransom, they are only perpetuating the issue, and the cybercriminals likely already have a way in and can simply take the money and cause more damage.

The thing about ransomware is that it’s just ransomware. The havoc that this attack is causing isn’t from some highly specific, highly targeted campaign to take down the Ascension healthcare system (as far as we know at this time). It’s simply ransomware. It’s the same kind of ransomware that any individual or organization could get.

We’re hearing about this attack because it’s affecting healthcare facilities spread across 19 states. It’s affecting a huge number of patients and staff and that of course gets media attention. You don’t hear about ransomware attacks that cause local law firms or manufacturers or other small businesses to file for bankruptcy or lay off employees or skip Christmas bonuses, because it’s at a much smaller scale.

Ransomware is disruptive, and once it hits you, it does serious damage to your business. It can cripple your business and hurt employee morale and destroy your reputation with your customers.

What Do We Know About This Particular Type of Ransomware:

While there isn’t a lot of information about the attack so far, reports indicate that the ransomware used was something called Black Basta. Black Basta is a type of ransomware known as ransomware-as-a-service. Essentially, the creators of Black Basta sell the ransomware to hackers and cybercriminals. It’s a piece of software that someone can simply purchase and then distribute. The barrier to becoming a cybercriminal and causing massive damage to an organization is simply the cost of buying the rights to use the ransomware, which starts at about $100.

Let’s get back to the attack on Ascension.

Going Back to Normal After a Ransomware Attack is Extremely Challenging

Since the attack involves healthcare data, and likely because Ascension is attempting to do as much damage control as possible, we don’t know if Ascension paid the ransom or not. We know it has been disrupting business as usual, and patients are absolutely feeling it. According to the hospital in Round Rock, there is no timeline for when the hospital will return to normalcy.

On top of that, a former patient has filed a class action lawsuit, claiming that her personal information was leaked during the attack. Multiple agencies, including the FBI, are investigating the attack. The lawsuit is making claims that sensitive healthcare information wasn’t properly encrypted. 

It’s a whole mess, and if that’s the case, the ransomware attack will have uncovered unrelated violations to compliance standards, which just gives the massive hospital network even more to deal with. It’s not good, even if they were doing everything properly and above board.

Any Business, Big or Small, Can Suffer This Fate

We can’t stress this enough; cybersecurity isn’t just a problem for the big corporations. It can and does affect everyone. Your business doesn’t need to have a target on its back, it doesn’t need to be a certain size, and it doesn’t need to deal with a particular type of information or make a certain amount of money. Ransomware is agnostic to its victims.

All organizations need to have proper measures in place to defend against, and mitigate ransomware attacks. This involves taking a multi-step approach. We help Austin-based businesses meet and maintain regulatory compliance standards, as well as defend themselves against the growing risk of cyberattacks. 

Don’t wait until it’s too late, give Capstone Works a call at (512) 343-8891 to get started.

Alert! Watch Out for Zero-Day Exploits Like These
Everything Business Owners Need to Know About AI
Comment for this post has been locked by admin.
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, October 13, 2024

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Current Events Cloud Communications media accounts Remote Workers Gadgets VoIP Managed Service Efficiency Business Cybersecurity Broadband Recovery Managed Services Cyberattack best practices Workplace Strategy Delightful surge protection Vendor Data Privacy Day Compliance Malware Network Security SCAMS cloud right time Password devices Saving Money Microsoft Ransomware business owners Remote Work Passwords Workplace Strategies application employees download Tech Support Saving money Remote managed IT Engineering Tip of the Week Cloud computing employees Business Continuity hackers Backup Microsoft Office 365 Clutch Innovation User Tips AWS Social Media Marketing comprehensive IT Small Business IT Services Business continuity IT Support Two-Factor Authentication COVID-19 business continuity Workplace Tips Content Filtering Health File Folder EMR cybersecurity tools 2FA accounts need January 28 Microsoft Office IT support Disaster Planning phishing Outsourced IT Passwords today sports teams Server Data Users BDR Break/fit Hosted Solutions Productivity cybersecurity business UPS password protection Computer Shadow Technology AI Email Best Practices HIPAA Architect IT Network web application Apple Internet Microsoft Teams Privacy high-threat environment Software Hardware Managed IT Cloud services Mobile Office Common password content Security AutoCAD smart devices spam Communication Quick Tips New Year 365 features Disaster Recovery Co-managed IT Cloud Computing IoT Data Recovery Servers

Latest News & Events

Capstone Works is proud to announce the launch of our new website at https://www.capstoneworks.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our ser...

Contact Us

Learn more about what Capstone Works can do for your business.

Call Us Today
Call us today
(512) 882-2242

715 Discovery Blvd
STE 511

Cedar Park, Texas 78613