As Hospitals, Nursing Homes Battle Coronavirus, Security Companies Offer Assistance With Cybersecurity Attacks

Ransomware attacks tend to spike in spring and summer months, creating a “near-perfect storm” for hackers to disrupt patient care.

• By Haley Samsel
• March 23, 2020

The spread of coronavirus across North America has been a nightmare for retirement and assisted living campuses, as COVID-19 tends to cause more severe symptoms in older people who struggle to recover from pneumonia. In turn, many of the coronavirus deaths in the U.S. have occurred in nursing homes and long-term care facilities.

This reality has meant that several cities and states have required nursing homes and assisted living facilities to stop all visitors and only allowing essential staff to come to work. But this is not the only threat facing these facilities and other healthcare organizations: Cybersecurity attacks are almost certainly on the horizon.

Some cybercriminals have stated their intention to not attack health organizations during the pandemic, though there are reasons to doubt those claims, POLITICO reported. In the past year, ransomware has targeted several hospital systems, nursing homes and other health organizations, paralyzing them as they attempted to access crucial patient data and file reports on patient outcomes.

Losing access to that data during an intense pandemic would likely cause horrific outcomes for patients and healthcare workers trying to serve them. That’s why several security companies announced they are offering additional ransomware and security assistance to healthcare providers.

EmsiSoft, Awake Security and CynergisTek are among the companies that are offering free or discounted services, according to HealthITSecurity.com. EmsiSoft announced a partnership with Coveware on March 18, stating its goal to provide free ransomware services to critical care hospitals and other healthcare providers for the duration of the crisis.

“Our aim? Get affected healthcare providers operational in the shortest time possible so they can minimize disruption to patient care,” EmsiSoft wrote in a blog post, noting that its free services would include technical analysis of the ransomware, development of decryption tools, ransom negotiation and data recovery.

In 2019 alone, 764 healthcare providers faced ransomware attacks, according to a previous EmsiSoft report. In its announcement, the company noted that ransomware attacks tend to peak during the spring and summer months, and that hospitals and healthcare organizations are often key targets of hackers.

“The spikes may be more pronounced than in previous years due to security weaknesses resulting from hastily introduced work-from-home arrangements, personal device usage and staffing shortages,” EmsiSoft wrote. “We may be looking at a near-perfect storm in which healthcare providers are disrupted at the very time they are needed the most.”

Other companies offering free services include Awake Security, which announced it will offer hospitals and healthcare facilities responding to the pandemic 60 free days of access to its security platform, HealthITSecurity.com reported. Healthcare officials can reach out directly to those companies for more information.

Echoing the statements of other security firms, EmsiSoft issued a warning to ransomware attackers, urging them to avoid targeting healthcare providers during the pandemic.

“Make no mistake, an attack on a healthcare organization will have negative outcomes and may result in the loss of life,” the company wrote. “We ask for your empathy and cooperation.”