Another strain of ransomware has wreaked its havoc on the healthcare industry. This time its victims include over 45,000 medical practices and 180,000 physicians that are clients of Allscripts Healthcare Solutions, Inc. Allscripts is a publicly traded American company that provides physician practices, hospitals, and other healthcare providers with practice management and electronic health record technology.
Nearly a week after the ransomware attack, healthcare providers are still having difficulty accessing electronic health records and maintaining basic patient care functions. Many practices were forced to cancel procedures and turn away patients.
Allscripts may be the first EHR vendor to be taken down by SamSam ransomware. However, the healthcare industry isn’t the only victim of this particular variant of ransomware. Attacks using the SamSam strain have been steadily increasing in multiple sectors over the past few weeks, including government, healthcare, and Industrial Control Systems.
What is SamSam Ransomware?
While there’s been a sudden increase in attacks, SamSam ransomware isn’t a new virus. Rather, it is a customized version used in targeted attacks. SamSam does not require a phishing email to get in. Instead, hackers leverage weak passwords and exploit unpatched machines with the goal of spreading to other devices throughout the network.
As these attacks do not appear to be slowing down, many experts stress that healthcare IT leaders need to understand how the virus enters the network in order to take preventative action.
- Those with weak passwords.
- Those who reuse passwords and fail to limit admin credentials.
- Organizations that fail to limit the number of attempts allowed by a user to get into a system.
- Organizations that fail to monitor the number of attempts.
- Organizations that fail to keep servers locked up and safe with antivirus.
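The gaps in the list around unlimited and unmonitored login attempts can be checked from authentication logs. The sketch below is an added example, not part of the original article; the log format, the sample lines, and the threshold and window values are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: "timestamp,source address,account,result".
# The format and every value here are made up for this example.
SAMPLE_LOG = """\
2024-03-01T02:10:01,203.0.113.7,admin,FAIL
2024-03-01T02:10:09,203.0.113.7,admin,FAIL
2024-03-01T02:10:15,203.0.113.7,admin,FAIL
2024-03-01T02:10:22,203.0.113.7,admin,FAIL
2024-03-01T02:10:30,203.0.113.7,admin,FAIL
2024-03-01T02:10:41,203.0.113.7,admin,OK
2024-03-01T08:59:12,198.51.100.20,jsmith,FAIL
2024-03-01T08:59:30,198.51.100.20,jsmith,OK
"""

def monitor(lines, max_failures=5, window=timedelta(minutes=10)):
    """Return alerts as (timestamp, account, source, kind) tuples."""
    recent = defaultdict(deque)  # account -> failure times inside the window
    flagged = set()              # accounts currently at or over the threshold
    alerts = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        ts_raw, source, account, result = [f.strip() for f in line.split(",")]
        ts = datetime.fromisoformat(ts_raw)
        q = recent[account]
        while q and ts - q[0] > window:   # drop failures older than the window
            q.popleft()
        if len(q) < max_failures:
            flagged.discard(account)
        if result == "FAIL":
            q.append(ts)
            if len(q) >= max_failures and account not in flagged:
                flagged.add(account)      # point where a lockout should apply
                alerts.append((ts_raw, account, source, "LOCKOUT_THRESHOLD"))
        elif result == "OK":
            if account in flagged:        # a login right after a failure burst
                alerts.append((ts_raw, account, source, "SUCCESS_AFTER_BURST"))
            q.clear()
            flagged.discard(account)
    return alerts

if __name__ == "__main__":
    for alert in monitor(SAMPLE_LOG.splitlines()):
        print(alert)
```

A `SUCCESS_AFTER_BURST` alert deserves the fastest response, since it means a login succeeded while the account should already have been locked.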