Ransomware Threats Targeting the Healthcare Sector

Abstract

Security is essentially a consideration in any computer system which holds sensitive or critical data. Ransomware attacks which are primarily based on encrypting critical data and demanding for a ransom to decrypt them, is one of the best approaches in harvesting money from critical industrial firms rather than damaging the information infrastructure. Even though general ransomware practices include encrypting critical data, sometimes it can come in a form of a threat to leaking of sensitive data to the public. Among the critical infrastructures in the healthcare industry, patient’s Personally Identifiable Information (PII) and also the operational data related to mission critical systems are the top concerns. Leaking of PII can cause a huge damage to the privacy of the patients who obtain the healthcare service for that particular healthcare provider. On the other hand, any system delays, malfunctions of inaccessibility or unavailability of operational data related to mission critical systems can cause hindrances to the usual operations of the healthcare provider and eventually will case a life-threatening situation to the patients as well. Through this research review, a comprehensive understanding to the topics; what is ransomware, why ransomware target health industry, what is the damage caused, new ransomware attack trends, mitigative steps and future research scopes are presented to the audience. At the end of the paper, overall conclusion made by analyzing reported incidents is presented with recommendation to mitigate the effects of future ransomware threats, targeted on healthcare industry.