Scripps Health Ransomware Attack Shows Medical Facilities a ‘Favorite Target’

A ransomware attack on Scripps Health’s computer network last weekend continues to significantly disrupt patient care.

The San Diego-based health care provider was forced to block patient access to its online portal. It also had to postpone appointments and send some critical-care patients to other hospitals. Scripps Health operates five hospitals in the San Diego area.

Scripps Health’s website remains down. On its Facebook page, the provider said its technical teams and vendor partners are “working around the clock to resolve these issues as quickly as possible. We have notified law enforcement and the appropriate governmental organizations.”

Its outpatient urgent care centers, and Scripps HealthExpress locations and emergency departments remain open for patient care, it said.

The Scripps Health ransomware attack comes as no surprise as cybercriminals have been heavily targeting health care providers, even more so during the COVID-19 pandemic.

Valuable Data Associated with Health Care

Paul Keely is chief cloud officer at Open Systems. He said medical facilities have become a favorite target of bad actors. That’s because health care data is worth up to 50 times more than credit card information. And it includes more personal details.

Open Systems’ Paul Keely

“Health care organizations clearly need to revisit their cybersecurity strategies to consider what else they can do to keep themselves, their patients and other stakeholders safer,” he said. “They can do that by working with proven partners that deliver integrated cybersecurity services that address today’s expanding IT enterprise edge, take a zero-trust approach to enforce access policy, and employ a combination of human cybersecurity experts and artificial intelligence (AI) to fully understand and respond to threats as they arise.”

Purandar Das is CEO and co-founder of Sotero. He said hackers are after soft targets knowing that are easy to attack and financially rewarding.

Sotero’s Purandar Das

“Organizations have to move toward protecting data via new encryption technologies that keep them secure while enabling privileged access,” he said. “This prevents a data-held hostage situation.”

Secondly, organizations have to move toward a resilient deployment architecture, Das said. That will enable them to bring up a failover system without risking long-term outages.

Our slideshow above features more comments on the Scripps Health attack and the week’s other cybersecurity news.