Ransomware Growing & Healthcare is Vulnerable

Ransomware is ramping up in healthcare. A newer Ransomware weapon, labeled “Philadelphia” last fall by cybersecurity experts, has surfaced recently in the healthcare field. An off-the-shelf version of Philadelphia is widely available to cyber criminals, who use “spear phishing” email attacks. Spear phishing is the name for a harder-to-detect attack that appears to come from a trusted source and is specifically targeted at you. A similar, equally personalized tactic, called whaling, is used against the C-Suite, where the rewards for the criminal are higher if the attack succeeds. By contrast, ordinary phishing typically appears to come from a widely known brand or website, like Netflix, PayPal, or the U.S. Postal Service, and its recipients are chosen at random. A spear phishing or whaling attack looks personal because it is: the attackers have gathered information about you in order to fool you.

Hospitals and larger organizations are being targeted more now in 2017. Criminals collect ransom in bitcoin, which provides anonymity, and large organizations often have cyber insurance to pay the ransom and get them back in business. Paying is a rational choice, but it only increases criminals’ appetites to go after others.

What to do about this growing threat? Ransomware is expensive, causes business interruption, and exposes organizations to HIPAA violations when patient privacy is breached. Workforce members need to learn about cyber security and receive training on how to detect and avoid phishing of all kinds. The HIPAA E-Tool® contains workforce training on phishing and Ransomware. Make it a priority, learn more, and get serious about training at every level, from the front office to the C-Suite.

We tell our clients to “Think Before You Click”, and pause. In today’s world, unfortunately, we should all be more suspicious and should not click on attachments or links inside emails unless we are 100% confident they are not Ransomware. If you are the least bit suspicious, you should immediately notify your security official and IT staff. It doesn’t hurt to pause, and doing so could prevent huge losses of data, time, money and reputation.



The HIPAA E-Tool® makes compliance fast and easy. Get your free HIPAA Quick Start Kit, complete with a webcam privacy guard, HIPAA Hot Zone labels and a HIPAA checklist delivered directly to your office.

Maggie Hales

Maggie Hales is a lawyer specializing in health information privacy and security. As CEO of ET&C Group LLC she advises health care providers and business associates in 36 states, Canada, Egypt, India and the EU, using The HIPAA E-Tool® to deliver up to date policies, forms and training on everything related to HIPAA compliance.

Copyright © 2020 ET&C Group LLC.

The HIPAA E-Tool® and Protecting Patient Privacy is Our Job®
are registered trademarks of ET&C Group LLC

3534 Washington Avenue, Saint Louis, MO 63103