Hospitals face deadly consequences in ransomware attacks: Inside a simulated hospital hack operation

The recent hospital hack tabletop exercise hosted by cybersecurity unicorn Semperis shed light on the deadly consequences of ransomware attacks on health care organizations. The exercise, dubbed “Operation 911,” simulated a fictitious ransomware attack on a Las Vegas hospital, highlighting the challenges faced by hospitals in responding to such attacks.

Participants, including cyber specialists, health care professionals, and law enforcement officers, worked through the scenario of hackers taking the hospital offline. The response, typical for any health care organization, involved isolating affected systems, calling in the FBI for assistance, and negotiating a payment price with the hackers. However, the unique challenge faced by hospitals was the inability to simply turn off all systems, as doing so could disrupt patient care and potentially lead to loss of life.

The red team, representing the ransomware gang, focused on remaining undetected for as long as possible to exfiltrate sensitive patient records and financial documents. Their tactics included moving data laterally, stealing administrators’ passwords, and creating public pressure by reaching out to local journalists.

Ransomware continues to be a significant threat to health care organizations, with 85% of them targeted in the last year, according to Semperis’ ransomware risk report. CEO Mickey Bresman emphasized the importance of preparedness and recommended that all health care executives run training exercises to be ready to make tough choices in the event of a ransomware attack.

The bottom line is clear: not having a plan for responding to ransomware can have deadly consequences for hospitals and their patients. The hospital hack tabletop exercise served as a stark reminder of the urgent need for proactive cybersecurity measures in the health care industry.