author photo
By SecureWorld News Team
Mon | Oct 14, 2019 | 10:31 AM PDT

When our oldest son was born, it was a sign of the times in the medical field.

My wife's obstetrician told us something personal in advance.

"Your son will be the last child I help bring into the world. I'm done paying malpractice insurance. I said I would quit when my insurance premium hit $75,000 a year and I didn't. Now, it's headed up to $92,000 a year and that's just too much. I love what I do, but at some point it just doesn't make sense."

This was years ago, when an energetic and talented doctor quit because the cost of doing business was too high.

Now, it appears, there is another sign of the times in the healthcare field: ransomware attacks are driving doctors to quit—or retire early.

Ransomware attacks: driving doctors to quit

These ransomware attacks either scramble medical records or lock them up (encrypt) so that only a hacker with an electronic key can get to them.

This leaves medical practices and doctors with three unpleasant choices:

  1. Lose all patient information. Can you imagine your medical history, suddenly gone? Can you imagine being a doctor trying to care for patients when their medical data is unreachable?
  2. Pay the hacker ransom for keys to hopefully unlock medical records. The FBI says it's about a 50-50 scenario here. Sometimes you pay the hacker and the digital keys they give you work, and sometimes the keys they give you do not work. 
  3. Throw in the keys. As in quit, or retire early.

And sadly, some doctors are now choosing option three.

Medical clinic announces shutdown after ransomware attack

One example of doctors and clinics closing up shop after a cyberattack comes from Simi Valley, California, which is a suburb of Los Angeles.

Wood Ranch Medical posted this notice on its homepage: "Wood Ranch Medical Notifies Patients of Ransomware Attack"


This was more than some required notice of a cyber incident. It was also a goodbye:

"... we suffered a ransomware attack on Wood Ranch Medical's computer systems. Ransomware is a computer virus that encrypts our computer system until and unless we pay money (i.e., the ransom) demanded by the attackers. The attack encrypted our servers, containing your electronic health records as well as our backup hard drives. 

Unfortunately, the damage to our computer system was such that we are unable to recover the data stored there and, with our backup system encrypted as well, we cannot rebuild our medical records. We will be closing our practice and ceasing operations on December 17, 2019... between now and December 17th, we will work with you as you seek another medical practitioner for you and your family's healthcare needs. "

And this California case is not the only one.

Michigan ear, nose & throat clinic closed after ransomware attack

If you search for Michigan's Brookside ENT and Hearing Center on Google Maps, you'll get this message: "Permanently closed."

doctor-ransomware-attack-michiganThis is another case of a ransomware attack forcing doctors and a medical clinic out of business.

Health IT Security did a story that explains why doctors seemingly had no choice but to close up shop:

"The practice's computer system was completely encrypted, and hackers demanded $6,500 to decrypt the files. When the practice's owners and co-founders John Bizon, MD and William Scalf, MD refused the ransom demand, the cybercriminals wiped the entire system, including all patient records.

All appointment schedules, payment data, and patient information was erased... rather than rebuilding the practice, the owners made the decision to retire early."

The doctors quit and patients lost years, and in some cases decades, worth of medical history.

Hackers brag about their targets and attacks like these

People are being forced out of their profession, and patients are left wondering about their medical histories.

Here's a newsflash for you: hackers don't care.

Instead, most appear to be motivated by making money, notoriety, or the ability to "stick it to the man." Or perhaps a combination of these things.

Check out this string of "Twitter threats" from infamous hacker  thedarkoverlord. These threats were from last October:


Twitter has since suspended that account. But it reveals something, doesn't it, about the mindset of a notorious hacker?

If patients start dying, will hackers be charged?

As far as we know, no one has died as the result of a medical cyberattack.


But if people do, will hackers be charged with murder, or perhaps manslaughter?

It's a valid question a coworker brought up recently, because we are getting closer to that point where cyberattacks could end lives.

Right now, a cybercriminal is typically charged with computer or network intrusion, a technical crime, if they get busted for a cyberattack. Or perhaps wire fraud is the charge if the attack involved moving significant amounts of money.

But the old days of acting like hacking is just an IT problem are gone.

Now, it's an everyone problem, which could impact your physical health and safety.

For example, earlier this fall, three hospitals in Alabama diverted patients to other hospitals for several days, following a ransomware attack. 

The hospitals are back on track now, however, because they caved to hackers' demands.

I also think back to an interview I did with Jason Witty, who was in charge of securing U.S. Bank at the time I spoke with him, after his keynote at a SecureWorld conferenceHe outlined what we are up against.

"An explosively growing internet. Billion dollar funded adversaries successfully breaching thousands of companies per year. More 'things' on the internet than people, and now those 'things' are connected directly to the human body. What could go wrong?"

Something to ponder, as we realize these things are a sign of the times.