A new story from Dr. Daliah

Automatic TRANSCRIPT

Eight seven seven D. O. C. D. A. L. I well I've our attitudes were supposed to be we do not deal with terrorists we do not give into terrorists will unfortunately an Alabama based health system had to pay all Packers because they were attacked in ransomware attack and it disrupted operations of three hospitals beginning on Tuesday morning this is going to assert a report by Tuscaloosa news it is closely follows an FBI warning that the number sophisticated attacks on businesses state local government is continuing to crime so basically climb so basically these ransomware attacks well I guess in crypt entire file systems and then attackers demand ransom payments usually a crypto currency by the correct description key and they say the last few years accord to Gizmodo turn it rains words had some businesses demanded big payouts and they are now probably one of the biggest targets of cyber security specialists in the Alabama incident medical seven hospitals in Tuscaloosa north port and finance were forced to switch to a manual paper system to track patient data while the systems were down all three hospitals had to diverge all but the most critical new patients to other area health care centers for the duration of the outage now we don't know how much was paid and you know the media does want to keep that under wraps because they don't want to incite other cyber criminals to do this but spokesman Brad fissures on Saturday morning that the company had teams working constantly to undo the damage and no patient information was compromised a data breach on Friday and AV medicine in Birmingham which hackers unsuccessfully tried to steal automatic payroll deposits appear to be unrelated wow the hackers trying to steal automatic payroll deposits well they could do anything I think not I mean they have the ability to do anything they say we work with law enforcement IT security experts to assess all options and executing the solution we felt in the best interest of our patients and in alignment with their health systems the mission now that is Fisher is I believe from the health system and I guess they're trying to explain why they gave it is a good purchasing a description key from the attackers to expedite system recovery and help ensure patient safety for envoys pretty reasons we'll be keeping confidential specific details about the investigation and according to what the attacker so the key confidential me they're not going to tell us what's going on so they say that the company is working with I. T. T. to use our own DCH backup files to rebuild certain system components after they obtain the decryption key so my concern is what did they have a back up system already did she will continue re directing patients other institutions in the meantime and this is a time intensive process so you know more about computers than I do all I know is that I am a medical office I had people trucks and we were starting to go electronic this was before I left to go teach we were starting to do the process of electronic I just was kind of overwhelmed with how our patient data will be kept safe you have to scan it into the system or by fax or by you know what when faxes come in like labs etcetera it gets up loaded but it gets upload into a system then you have to move the file and you know I'm like wait a second you know can my staff actively screw up and if they don't put the lab in with the file how will I know and be an old school I found the whole computer process very intimidating where if I can't look at my labs and I can't identify what's wrong you know what what if I can't you know at at a hit of a button see everything I need to just get the paper and so we basically aborted the electronic health record process a few times before we finally agreed to start doing it and I I didn't like it I just I didn't like it and I just didn't know how secure it was going to be I thought the V. mistakes you know I thought that a file would get into the system and if I didn't see it if it wasn't put in a file to be read by the doctor that it would never get looked at and you know a lot of lawsuits that happen out there it's not so much because the doctor is stupid or the doctor you know we didn't know who his or her medicine it's they never got to look at a lab so the lab was abnormal and it sat there somewhere so I didn't want that in a computer savvy and I can't say how many patients call me saying I haven't heard back my doctor did labs I have her back now many EHR systems are a little bit more sophisticated where they will flag account or they'll be in alarm all they see these are on red labs but again you can have a rogue employee going I want to get out of here on Friday let me just move them over I don't know and so you know at least with paper I could say you know what just reprint everything just reprint collapse and I could just look at the labs which is what I used to do I used to look directly at the labs that I would look at them to get on the charts and I was double do because I didn't want to miss anything so you know we should we pay out these ransomware attackers brick callow spokesman for cyber security firm M. S. M. C. M. so soft told Gizmodo pale to the fuel the drive ransomware tax the only way to stop attacks is to make them unprofitable that isn't to say impacted entity should never pay and it was like a hospital may have little choice in the matter but rather that they should bolster their security to avoid being a packed in the first place so most hospitals have great security systems isn't that the security is a good enough is that whatever system you think you have that is the best of the best ends up not actually a bean five months down the line over a year down the line and you know most security systems you drafted up the level of the sorcerers as we have an update to keep updating just like anti virus you guys like me my computer always cause you to update your anti virus I go we just did that two weeks ago what we talk about but because our security measures in place so earlier this month I am so soft released a report indicating that in the first nine months of two thousand nineteen at least six hundred twenty one government entities healthcare service provider school districts colleges and universities have been subject to ransomware tax six hundred twenty one ransomware attacks that means every month rather what seventy eighty that's a problem because of the tax amount possible to estimate due to lack of publicly available data but they think we're looking at the tens of millions or hundreds of nights four hundred ninety one of the attacks on healthcare providers healthcare providers so four hundred ninety one of the six of the twenty one is okay why is the health care such a a huge draw well because you know these I think the healthcare system is still kind of in a state of we don't look like we have our acts together you have it's a huge industry you have lots of people needing access see government officials only certain people have access but in health care systems usually everybody in the building you know and anybody that you know as as as medical records has access so I think the access is less encrypted that's my guess so Louisville Kentucky got attacked there was a dental offices verily a cloud management service Percy soft reported hundreds of dental offices attacked a hospital Wyoming was stacked so when the average patient goes I'm not gonna say anything that's going to my chart I want to keep it private so just take my word for it I need this I need that you're going to run into some problems because doctors can't write antibiotics they can't write a cut if they can't write certain things and you on the other and don't want to be overly open because you're afraid that that data is not going to be secure that other people can access it is that we kind of have the state of distrust we have the state of one not going to tell people that the mother to tell people the nitty gritty I mean you know many jumps up there are scared to death if they get a finger stick where in the cyber sphere there's going to be that data if they got exposed to something a doctor having HIV can kill the practice so a doctor is not really going to want to be open about that now you can use zero names I mean I'm sure Hollywood stars have suitable names you know when they go yeah because otherwise somebody could access Tom cruise's or Brad Pitt's medical records and if that's their stage today my guess is they have regular names but some stars that's just the name and that's just you know so you know our lack of protection our lack of faith in I mean a hospital systems have very expensive anti ransomware so my guess is these people were just smarter than their company that you know little of that they hired for the ransomware so MC soft encourages teaches individuals facing the attack to use free services available on the website and I. D. ransomware check with the specific type and version of the malware involved has already been cracked so if they have a type of malware.

Coming up next