Research Paper

kmisty_36
Running head: RANSOMWARE ATTACKS

Ransomware Attacks in Healthcare Facilities

Ransomware is a kind of malware that prevents an organization from accessing parts of the systems it relies on. In a hospital this creates a significant data security problem, because some information may never be accessible again unless a certain amount of money is paid. The ransomware locks or encrypts the data so that users cannot access any information. Even if the organization arranges to pay the demanded amount, there is no guarantee that the data can be accessed again. Because ransomware renders crucial devices unusable during an infection, healthcare services to patients are delayed, which affects the hospital's mission. Because of these effects, the organization should take steps to remediate the issue as soon as possible.

The organization should develop a cyber-security emergency response plan to prevent further damage to the hospital's data. Because the organization holds crucial personal health information and organizational information, establishing an effective cyber-security response plan is very important (Ali, 2017). The plan would guide personnel at all levels of the hospital, especially in managing a data breach, so that response activities are supported rapidly and thoughtfully. The response plan will be considered part of a wireless internet service provider and will include the following three phases.

Step number one of the plan is assembling an internal team. Management has to refer any breach questions to the wireless internet service provider manager. They should establish a formal breach evaluation and an internal cyber-security response team to control the hospital's activities following a breach of highly protected information (Chinthapalli, 2017). The size of the team depends on the hospital's geographic reach, its complexity and its exposure to data loss, and might include the manager responsible for the wireless internet service provider, internal and external legal counsel, the IT manager, the human relations manager, and an operational manager.

At a minimum, the response team would be responsible for briefing top executives and the company board on the breach and on response developments, and for communicating to all staff that a possible breach has occurred and that an internal response team is addressing it (Guinet, 2017). Internal emails about the incident by people who are not part of the team should be avoided, to limit liability from uninformed speculation that could be discovered in a subsequent lawsuit over the incident. The team also tracks and gathers all relevant information, within the limits set by applicable law and investor agreements, so that internal matters and the cyber-security response plan are protected to the utmost degree possible.

Phase number two of the plan is to identify external data security resources. In this stage, the team identifies the outside support it will rely on and records complete contact information, including standby personnel in case someone is unavailable (Gordon et al., 2017). Although the team already includes legal counsel, the following people should also be included. The first is a computer forensics expert to handle any computer or server that might have been compromised; this expert should be able to determine the extent to which the service has been compromised and fix the issue quickly. The second is an operations expert who would help distribute cyber-security response plan-related facts and deed matters, website changes, and temporary call center extensions if these are required to meet the information needs of the patients.

Stage three of the plan is differentiating between kinds of breach. The team members should determine whether the breach is mid-size or a threatening one, and what kind of information might be at issue in the breach, such as personal health information. After determining the type of breach, the team should create an action item checklist so that prioritized action items are completed as soon as possible (Krisby, 2018). Items on the list can include the date and time the breach was discovered and establishing a perimeter to secure any system or equipment that could have been compromised, to avoid further incursions. Hospital management should avoid raising the alarm about the breach in the early stages, until the forensic expert has examined the intrusion, so that the hospital's reputation remains uncompromised.

A data breach in the hospital can have catastrophic consequences and poses a significant threat to the healthcare facility, affecting its ability to maintain operational activities or even causing the downfall of the whole facility. If the event spreads through patient care divisions, central service functions, or critical support departments, it may cause adverse effects in interdependent departments throughout the facility (Langer, 2017). If it takes longer than a few months to reestablish service, the administrative consequences could be massive. The Emergency Operations Plan has been established to guide the hospital's management in responding to any disaster situation that might happen in the facility in the future. If such a situation occurs, the administration has to come up with a continuity plan to prevent further losses.

The Business Continuity Plan is intended to act as a dynamic tool to be used in crises, disasters, and other catastrophic events in which the technology in the hospital departments is severely disrupted (Lozada, 2017). The Business Continuity Plan lists critical processes by hospital department, critical applications, Recovery Time Objectives (RTOs), and the resources needed to safeguard the continuity of processes, including labor, supplies, IT applications, and other essentials. The final objective of the business continuity plan is to return operational activities and functions to a normal state after an emergency incident.

In the continuity plan, each division within the hospital facility would need to examine its existing healthcare operations and classify the critical functions necessary to deliver care to patients and maintain operations. Essential functions would then be prioritized so that essential services are restored and resources can be allocated efficiently (Monnet et al., 2017). An RTO is assigned to each critical function. An RTO is the maximum amount of downtime permissible for a critical process before the impact becomes severe enough to seriously compromise patient safety and halt the continuation of business services. The hospital departments must identify which staff positions are required for each period of operation and whether the people in those positions need to be physically on site or can telecommute.

Vital records are an indispensable resource and should therefore be addressed in the continuity plans of the hospital's departments. These records are stored electronically or on paper and support the continuation of business in the facility following an incident. Categories of vital records include patients' healthcare records, records of the administration of controlled drugs, and the results of healthcare trials (Newman, 2017). Another category is birth records and other vital statistics. Operational records, in turn, include accounting information and some client files.

When the Business Continuity Plan is initiated, the director in charge of business continuity at the hospital, in partnership with the managers of the affected departments, will use the plan to identify the resources needed to ensure the continuity of critical processes within the hospital (Richardson et al., 2017). The section involved in the planning will include the recovery objectives in the incident response plan. Upon completion, the plan will be approved and then communicated to the departments concerned.

Hospital management should then form a crisis communication team, which in turn produces a crisis communication plan so that this incident and any future incidents are communicated as soon as possible without the state of the hospital leaking to the media before a thorough investigation is carried out. The strategy established by this team should address the issues relevant to the hospital's internal and external stakeholders (Saad et al., 2018). A precise crisis communication plan would differentiate between inquiries from the press and from the public, and would make every necessary effort to ensure that the name of the hospital is not tarnished. The strategy is also meant to inform and remind the appropriate people of their duties and responsibilities to keep information about the facility safe and confidential, so that the possibility of rumors spreading to unauthorized people is reduced or avoided.

Not everyone needs to be included in the crisis communication plan for a cyber-security incident. Members of the team should include the chief security officer and the chief information officer of the facility (Slayton, 2018). The communication team should be drawn from the departments that are most affected and should include members of the response team and of the legal department to deal with the complex legal issues resulting from the incident. Moreover, the roles and responsibilities of every team member should be defined in the crisis communication plan.

Everyone who has relevant information should be encouraged to report what they know about the incident to the designated incident manager, as defined in the communication plan. Anyone who notices anything suspicious in the systems should be able to communicate it to the relevant personnel. The crisis manager has to create an environment in which people share valuable information, so that accurate and up-to-date information about the crisis can be obtained and recorded. However, the manager also has to inform members and employees that the incident must be kept confidential and not disclosed to people who are not supposed to know, as this would destroy the reputation of the hospital.

Having cyber-security response and communication plans is crucial to the hospital because it helps management prepare for any incident that might happen in the future. Clear and well-defined plans keep management at ease as they face the crisis with confidence in the most effective manner (Woldemichael, 2019). The plans also help the organization arrive at a mitigation for the crisis, as outlined in its policies, and help the facility maintain a trustworthy relationship between management, clients, and investors. Moreover, having a communication plan ensures that there is a transparent communication network in the organization, especially among the hospital departments.

In conclusion, a data breach in a hospital facility can be catastrophic because its effects are severe. The facility could suffer a massive loss as data about its operations, its accounts, and other crucial information is exposed to an unauthorized person. As a result, management is obliged to create a response team that in turn produces a sound response plan to investigate the matter before it reaches the press. A communication team is also formed to plan how to communicate the case as effectively as possible, so that the reputation of the hospital remains untarnished.

References

Ali, A. (2017). Ransomware: A research and a personal case study of dealing with this nasty malware. Issues in Informing Science and Information Technology, 14, 087-099. Retrieved from http://iisit.org/Vol14/IISITv14p087-099Ali3400.pdf

Chinthapalli, K. (2017). The hackers holding hospitals to ransom. BMJ, 357. Retrieved from https://www.bmj.com/content/357/bmj.j2214

Guinet, A. (2017, June). How to protect a hospital against cyber attacks. In International Conference on Health Care Systems Engineering (pp. 3-16). Springer, Cham. Retrieved from https://link.springer.com/chapter/10.1007/978-3-319-66146-9_1

Gordon, W. J., Fairhall, A., & Landman, A. (2017). Threats to Information security-public health implications. N Engl J Med, 377(8), 707-709. Retrieved from https://www.saudemaispublica.com/uploads/9/8/9/4/98944468/356355652-nejmp1707212.pdf

Krisby, R. M. (2018). Health care held ransom: modifications to data breach security & the future of health care privacy protection. Health Matrix, 28, 365. Retrieved from https://heinonline.org/HOL/LandingPage?handle=hein.journals/hmax28&div=12&id=&page=

Langer, S. G. (2017). Cyber-security issues in healthcare information technology. Journal of digital imaging, 30(1), 117-125. Retrieved from https://link.springer.com/article/10.1007%2Fs10278-016-9913-x

Lozada, L. (2017). Ransomware: analyzing the impact on healthcare and the economy (Doctoral dissertation, Utica College). Retrieved from https://search.proquest.com/openview/74b300065749129c74f4bd3a56cb2238/1?pq-origsite=gscholar&cbl=18750&diss=y

Monnet, B., & Very, P. (2017). Cyber Threats in the Health-Care Industry. In The Digitization of Healthcare (pp. 371-379). Palgrave Macmillan, London. Retrieved from https://link.springer.com/chapter/10.1057/978-1-349-95173-4_20

Newman, L. H. (2017). Medical devices are the next security nightmare. WIRED, Mar. Retrieved from https://www.wired.com/2017/03/medical-devices-next-security-nightmare/?xing_share=news

Richardson, R., & North, M. M. (2017). Ransomware: Evolution, mitigation and prevention. International Management Review, 13(1), 10. Retrieved from https://digitalcommons.kennesaw.edu/facpubs/4276/

Saad, M., & Soomro, T. R. (2018). Cyber Security and Internet of Things. Pakistan Journal of Engineering, Technology & Science, 7(1). Retrieved from https://www.journals.iobmresearch.com/index.php/PJETS/article/view/2084

Slayton, T. B. (2018). Ransomware: the virus attacking the healthcare industry. Journal of Legal Medicine, 38(2), 287-311. Retrieved from https://www.tandfonline.com/doi/abs/10.1080/01947648.2018.1473186?journalCode=ulgm20

Spence, N., & Paul III, D. P. (2018). Ransomware in Healthcare Facilities: A Harbinger of the Future?. Perspectives in Health Information Management, 1-22. Retrieved from https://perspectives.ahima.org/wp-content/uploads/2018/06/RansomwareinHealthcare.pdf

Woldemichael, H. T. (2019). Emerging Cyber Security Threats in Organization. International Journal of Scientific Research in Network Security and Communication, 7(6), 7-10. Retrieved from http://www.indianjournals.com/ijor.aspx?target=ijor:ijsrnsc&volume=7&issue=6&article=002