Assignment: Ransomware—malicious Code

NOW F OR AN ORIGINAL PAPER ASSIGNMENT:Assignment: Ransomware—malicious Code

Nurse informaticists exploring new healthcare technologies on the Internet may find that ads for these technologies begin to pop up the next few times they are on the Internet. Spyware that does steal user IDs and passwords contains malicious code that is normally hidden in a seemingly innocent file download. This threat to security explains why healthcare organizations typically do not allow employees to download files. The rule of thumb to protect the network and one’s own computer system is to only download files from a reputable site that provides complete contact information. Be aware that malicious code is sometimes hidden in an email link or in a file sent by a trusted contact whose email has been hacked. If you are not expecting a file from an email contact, or if you receive an email with only a link in it—resist the urge to download or click!

A relatively new threat to healthcare organizations is ransomware—malicious code that blocks the organization from using their computer systems until a ransom is paid to the hacker. Consider this recent case of ransomware intrusion:

In February 2016 a hospital in Los Angeles made headlines for giving in to the ransom demand of hackers who used encryption to cripple its internal computer network, including electronic patient records, for three weeks, causing it to lose patients and money. After the hackers initially demanded $3.4 million, the hospital paid them $17,000. In explaining his decision, Allen Stefanek, president of Hollywood Presbyterian Medical Center, said, “The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom.” The money was transferred through Bitcoin, a cryptocurrency that permits anonymity. (Goldsborough, 2016 , para. 2–3)

In addition to strict policies related to network security, organizations may also use such devices as firewalls (covered in the next section) and intrusion detection devices to protect from hackers. Protect yourself at home by ensuring that you have an updated version of antivirus software, be wary of unusual emails, and develop strong passwords and change them frequently. If your email is hacked, report it to the proper authorities as soon as possible, warn your contacts that you have been hacked, change your password, and check to see that your antivirus software is up to date.