Canadian Journal of Nursing Informatics

Information

This article was written on 21 Dec 2021, and is filled under Volume 16 2021, Volume 16 No 3-4.

Current post is tagged

, , , , , , ,

The Conti Ransomware Attack on Healthcare in Ireland: Exploring the impacts of a Cybersecurity Breach from a Nursing Perspective

Print Friendly, PDF & Email

by Margaret Moran Stritch RGN, BSN

Michael Winterburn MSc, BSc, NCFM

& Frank Houghton PhD, MPHe, MA, MSc, MA, BA(Hons)

Corresponding author: Frank.Houghton@LIT.ie

Citation: Moran Stritch, M., Winterburn, M., & Houghton, F. (2021). The Conti Ransomware Attack on Healthcare in Ireland: Exploring the impacts of a Cybersecurity Breach from a Nursing Perspective. Canadian Journal of Nursing Informatics, 16(3-4).  https://cjni.net/journal/?p=9383

Ransomware

Abstract

Ireland’s state health service, the HSE, was recently the subject of an aggressive ransomware cyber attack which paralysed almost the entire state healthcare sector. This article explores the probable ‘Playbook’ of the attack and examines the practical impact of the attack on patient safety and nursing roles and procedures. The Conti Ransomware Attack, as it is known, is just one of the latest in an increasing number of attacks on health systems globally. The wider implications of this attack are briefly discussed, as well as actions to prevent and respond to such attacks in the future.

Introduction

On the 14th of May 2021 the state healthcare service in Ireland, the Health Services Executive (HSE), was crippled by the ‘Conti’ ransomware attack. Unlike the recent Continental Pipeline ransomware attack (Shear et al., 2021), Ireland refused to pay the US$20 million ransom and a month later many of its systems are still not operational.  The CEO of the HSE has discussed the “catastrophic” impact of the attack in media, and it is estimated that repairing and upgrading the Irish health system’s IT infrastructure will cost at least €100 million (Cullen, 2021).

The need for nursing to fundamentally reframe its relationship with digital technology has been recently noted by a number of authors (Catton & Iro, 2021; Booth et al., 2021). At the same time Nahm et al. (2019) have discussed the lack of a focus on cybersecurity in nursing informatics and they, and other authors, have warned of the dangers in this expanding field (Stockwell, 2018;  Billingsley and McKee, 2016). The lack of a focus on cybersecurity and ransomware in particular in the health services generally is surprising. The history of ransomware is intimately linked to healthcare. The first recorded case of this phenomenon was the 1989 AIDS Trojan (also known as PC Cyborg) in which Dr J.L. Popp, an evolutionary biologist, sent 20,000 infected diskettes labelled “AIDS Information – Introductory Diskettes” to those attending a WHO conference on AIDS. After 90 reboots the Trojan software activated to hide directories and encrypt file names. To regain access a fee of $189 had to be paid to PC Cyborg Corp at a post office box in Panama (Waddell, 2016).

Historically individuals were frequently the targets of ransomware attacks. However, more recently hospitals and health systems are increasingly the subject of such attacks (Millard, 2017; Argaw et al, 2020). Perhaps one of the most well-known examples of a ransomware attack was an assault on Hollywood Presbyterian Medical Center in Los Angeles, California in 2016 (Yandron, 2016). The Medical Center paid US$17,000 in bitcoin to obtain a decryption key to regain access to their files. Although the amount in question is relatively insignificant, the impact of reputational damage, ten days of lost service, and a significant IT infrastructure upgrade were significant and cost a factor many times that of the ransom fee (Tully et al., 2020). The following year a global ransomware attack, WannaCry, reputedly infected over 200,000 systems in over 150 countries. This attack directly impacted over 50 hospitals in the UK’s National Health Service (NHS), with many more hospitals closing their systems as a precautionary measure.

Other high profile cyberattacks include the 2015 theft of 80 million records from Anthem, a US health insurance company (Abelson & Goldstein, 2016), as well as an attack in 2016 in which 1.28 million records from the Australian Red Cross Blood Service were stolen and then posted on line. The information released included highly sensitive data, including information on at-risk sexual behaviour (Coyne, 2016). More recent attacks include the 2020 attack on Brno University Hospital in Czechia (Porter, 2020), and an attempted attack in the same year by the PentaGuard group against hospitals in Romania (ZDNet, 2020). Further technical details on the Conti attack on Ireland’s HSE are detailed in Table 1.

Table 1: Conti Ransomware Technical Details



Whilst many details of the recent HSE cyber-attack (14/05/21) are not available yet, it is being called the Conti Ransomware attack. Conti Ransomware has had a number of Common Vulnerabilities and Exposures (CVE) identified. It is thought that CONTI which first appeared in December 2019 is based on older malware called RYUK (dates back to August 2017) and adds to that attack the exfiltration of the victims files from the local network to be possibly published on the dark web to further extort and embarrass the victim.
 
Hospital and other healthcare facilities are being targeted by RYUK and CONTI ransomware which is attributed to the CryptoTech cyber-crime group (author) and may be considered Ransomware as a Service (Raas) which other organisations e.g. Wizard Spider (distributor) use to launch cyber-attacks on victims e.g. the HSE. The victim is intended to pay a ransom in Bitcoins that is then shared between the author and distributor. Both organisations are said to be located in Russia or the Ukraine (Meland et al., 2020; Computer Fraud & Security, 2020; Shankar, 2021; Heller, 2021).
 
The attack on the HSE likely took a number of steps which either began with an Internet facing application e.g. a phishing email which contained an attached document or link to a cloud hosted document or a compromised USB flash drive being inserted into a computer on the network. As the victim clicks on a file or link a Trojan malware called Trickbot is executed. This connects the victim’s computer to a Command and Control server (C&C) of the attacker that manages a number of compromised computers in a ‘BotNet’. Another possible attack vector exploits a vulnerability in unpatched FortiGate firewalls.
 
The Trickbot malware may access user passwords including the domain administrator account (if used by that specific user), banking info and cookies on the victim’s computer. The malware will send out beacon messages occasionally to the C&C server to let it know it is still active. These communications may be embedded in legitimate DNS traffic so are not identified by monitoring software or firewalls as being security events. The victim’s computer has become a Zombie on the Botnet and may be used to send out new Phishing emails using the victim’s address book. The Trickbot malware may install other malware such as Cobalt Strike, Zerlogin or Mimikatz which then begin to move ‘laterally’ throughout the victim’s network using the compromised domain administrator account at which point the RYUK/CONTI ransomware is download and installed.
 
CONTI will seek out user files used whether on the local computer, servers, network shares or even cloud based storage and encrypt them (256 AES encryption). It will amend the files with the .CONTI extension. It will also seek to compromise the domain controller server and other key services in the network using administrator accounts. CONTI may send user’s files to the attacker’s servers on the Internet to be published on the dark web or used to place further pressure on the victim to pay the ransom.
 
Lastly a CONTI_README.txt ransom note will be left on the desktop giving the victim instructions on how to proceed to decrypt their encrypted files.
(FortiGuard SE Team, 2019; Martin et al., 2017; Mitre, 2021)

It is important for all health service staff to understand that evidence suggests that since the beginning of the global COVID-19 pandemic cybercrime attacks on health services have increased (He et al;., 2020; Williams et al., 2020). There are a number of factors that have increased the vulnerabilities of health services to such attacks. These include stressed and over-worked healthcare staff, as well as a rapid transfer to online offsite provision of many services (Williams et al., 2020).

It must also be acknowledged that the healthcare industry is unusually susceptible to cybercrime and cyberattacks (Argaw et al., 2019; Luna et al., 2016; Kruse et al., 2017; She et al., 2020). Undoubtedly, part of the reason is lack of funding for both IT resources and IT security experts. As Millard (2017) notes the WannaCry attack which impacted the UK’s NHS so badly was in part enabled by the UK Government’s ‘decision to forgo a £5.5 million ($7 million) annual security-support arrangement with Microsoft’. Millard goes on to state that such a would-be saving ‘proved to be a painfully counterproductive exercise in short-term austerity’ (Millard 2017, p. 19). Spending on IT systems or personnel in healthcare is low compared with other sectors of the economy. It is generally estimated to be only a quarter of that of other sectors and pay for healthcare IT personnel similarly struggles to match the going rate for talented staff. Many IT systems in healthcare are both out of date and unsupported. However, it should be noted that cost is only one of many limiting factors. Upgrading hospital IT systems has also been noted to be particularly challenging because such settings are ‘extraordinarily technology-saturated, complex organizations with high end point complexity, internal politics, and regulatory pressures’ (Jalali & Kaiser, 2018, p. e1).

The caring culture within the health services has itself been noted as an issue in combating cybercrime. The primary orientation of the health services is focused on patient care and information sharing. Thus the focus on cybersecurity is often second to such concerns. The complex nature of governance in healthcare has also been noted as an important impediment to improved cybersecurity in healthcare. In many jurisdictions healthcare is administered by networks of providers and clear leadership and standards on this crucial issue are often absent.

The wider implications of the Conti cyberattack in Ireland are extremely significant. Most obvious is the effective closure of many services. However, patient safety has also been compromised. Table 2 contains a series of vignettes exploring the impact of the Conti ransomware attack based on the lead author’s experiences of working as a theatre nurse in a busy regional HSE hospital. Almost all computer systems in the HSE were impacted. This ranged from staff emails, to imaging and lab test results to blood bank electronic monitoring and ordering.

It is important to remember that this system wide disruption happened hard on the heels of major disruption to services for approximately a year resulting from the COVID-19 pandemic. Both factors have significantly impacted a service that has been struggling for decades with extended waiting lists, and overcrowded Accident & Emergency services, with patients being treated on trolleys in hospital corridors a standard feature (Tussing & Wren, 2006).

Table 2: Vignettes & Reflection from a Nursing Perspective



The following are five brief vignettes detailing some examples of how the Conti ransomware attack impacted nursing followed by a short reflection:
 

1. Lab Results (including pregnancy tests, bloodwork, COVID swab results)


The cyberattack meant diminished access to lab results all over the hospital.  For example, lab results to access COVID swab tests were not available on the computer, so we had to phone the onsite hospital lab directly and ask to confirm  a patient ‘s COVID status using patient numbers and names.  This was a particular issue for non-emergency surgical patients because if we cannot confirm COVID status the patient is treated as a suspected COVID-positive case which requires an enhanced safety and sanitisation protocol, delaying surgeries and increasing the amount of time needed for each procedure.
 

2. Emergency surgery patients (i.e. trauma, ruptured abdominal aortic aneurysm, etc.)


There was no time to do any COVID testing or to check results manually as they required an immediate surgical intervention.  Therefore we  had to treat all emergency surgeries  as if they were COVID positive which means we needed extra PPE, extra time to clear theatres pre-op and do a thorough cleaning post-op.  In these cases  imaging services such as X-rays, MRI results etc. were limited or completely unavailable creating more uncertainty and risk diagnostically. 
 

3. Imaging


The cyberattack had a very negative impact on patient care in particular for patients who were undergoing either   or endovascular  surgery.  In these surgeries the ability to screen where there are blood vessels, blockages etc. is a necessity but was limited, or could not be conducted. 
 

4. Handwriting of assessments and labels


The operating theatre uses a system of addressographs/patient identification wristbands which would have the patient’s details (name, ID, date of birth).  These would normally be printed from a computer on admission.  Due to the cyberattack, staff had to change to manual transcription of the information.  We had to rely on previously printed sheets in their charts to try to ensure correct patient identification.  This impacts patient safety as fluids and general wear and tear on the wristband meant that at times they were unreadable.  Nurses were therefore depending on the patient to be able to verify their information which some could not do due to cognitive issues, communication difficulties or shock.  Also, in ensuring correct patient identification, nurses had to rely on their own ability to read other healthcare professionals’ handwriting.
 

5. Blood transfusions


The HSE use a computerised blood track system called “Blood Track TX” which involves the use of  a PDA (Personal Digital Assistant) handheld scanner.  This completely electronic system has been in use for several years. It allows blood samples to be collected and labelled appropriately as well as blood products to be checked and transfused safely and efficiently by a single registered nurse.  The system  is in use in all hospital departments including operating theatres.  In the years before the introduction of Blood Track TX, blood products were checked by two registered nurses and signed for manually by both nurses.  The patient’s vital signs throughout the transfusion were also recorded manually in writing.  The PDA system eliminates this somewhat cumbersome process by avoiding the need for two professionals to check the products and the extra work of manually documenting vital signs.   The electronic system is speedy and efficient and would be the only familiar approach especially for newer graduates.
 
From my experience, prior to the recent cyberattack, I have only used the manual system once in my third year student clinical placement. I was instructed to use it at the time by my preceptor because she felt it would be beneficial for me to “see the old-fashioned way” of blood product transfusions.  Unfortunately the recent cyberattack in Ireland has meant that we need to return to the “old-fashioned” manual way which means we need to spend more time training newer staff members in this approach and it is much more time-consuming as a result.  Even though technology is constantly updating the nursing profession, in a way the cyberattack has reminded us that there are traditional nursing protocols and skills that we should be aware of and proficient in.
 

Reflection


If anything, the cyberattack has united staff of all ages, as we are all under the same pressure.  It served as a reminder of how healthcare has progressed through technology and made our jobs easier. I appreciate it more now but realise I cannot become complacent.  It’s been interesting to see how nurses who were trained before me and are further along in their careers are the ones who are the most expert in the “old school” approaches and are doing a lot more instruction as a result. 

The potential adverse health impacts caused by the threatened or actual release of sensitive health data stolen in the cyberattack are significant. There can be no doubt that the personal and professional lives of many individuals will be negatively impacted into the future, whether it be as a result of stress, blackmail, extortion, identity theft, fraud, or public censure from the publication of stolen data.

Wider implications of the cyberattack also include a loss of public confidence in both the HSE and health information systems generally. The deliberate online publication of 520 sensitive health records has already been confirmed by the HSE (Gallagher, 2021). The anguish caused to these and other patients into the future is significant. Patients and potential patients into the future may be less willing to seek treatment and support, particularly around more stigmatised issues such as sexually transmitted infections, mental health services and intimate partner violence. Such concerns may also impact uptake of reproductive health and termination services.

Cybersecurity is absolutely integral to patient safety (Coventry and Branley, 2018). Patient safety is also undoubtedly compromised following such attacks as easy access to information on comorbidities, allergies, and existing prescriptions is also routinely lost. However, it is important to remember that heath service providers that are the victims of such cyberattacks may themselves consequently be subject to patient-led legal action, statutory criminal proceedings for lack of due diligence, in addition to an array of compensation payments and regulatory fines. The reputational damage to health providers may also have significant and long-lasting financial implications. When assessing the financial impact and cost of such attacks and improvements in IT systems and personnel, it is vital to also acknowledge the opportunity cost of such incidents and developments. Undoubtedly money spent on cybersecurity is, in reality, money that is lost to direct health service provision.

It is also possible that the growing frequency of such attacks may hinder the development of connected health systems, which are vital for meaningful electronic health records (EHRs) (Billingsley, 2016). Such attacks may also impact the development of a host of wireless smart devices to promote and monitor health, often referred to as the internet of medical things (Pal et al., 2020). It should be noted that we have already witnessed the withdrawal of the first diabetes device because of vulnerability to cyberattack (Klonnoff & Han, 2019). In 2019 the U.S. Food and Drug Administration (FDA) announced that certain insulin pumps were being recalled because of potential cybersecurity risks. Such cyberattacks have been termed ‘medjacking’ (Armstrong et al., 2015).

Although the cybercriminal group responsible for the Conti attack on the HSE appear to have released the key to unlock their system, health services in Ireland remain in disarray a month later. As evidenced in the vignettes above the impact on nursing practice has been significant. Patient safety has been significantly undermined, and staff workloads and stress levels have increased dramatically. The wider and long-term implications are also very significant. There is of course the very real impact of delayed diagnoses and treatment, as well as increasing waiting lists, and the potential for increased patient hesitancy into the future given concerns over confidentiality.  Such attacks damage public confidence and will ultimately divert scarce resources into IT security at the expense of other areas. Such concerns may also limit the development of smart wireless health products. We can also anticipate criminal use of stolen sensitive patient information. Unconfirmed reports of attempts to exploit this information have already emerged (Burns, 2021). Into the future it is vital that cybersecurity is seen through the lens of patient safety. All staff in the health services must actively engage with this issue and strive to understand how to both prevent and respond to breaches in cybersecurity. Key points in the process of improving cybersecurity are outlined in Table 3.

Table 3: Action Plan to Prevent & Respond to Cyberattacks (based on the National Institute of Standards and Technology (NIST), U.S Department of Commerce, Cybersecurity Framework), 2021

NIST 5 Core ElementsExample CategoryExample Implementation
IdentifyRisk ManagementDevelop an organisational plan to manage cybersecurity risk to systems, assets and data:
  • write security policies
  • design mitigation strategy
  • conduct risk assessments
  • improve cybersecurity in the areas identified as being at risk
ProtectUser EducationProvide staff training on best practise especially in relation to phishing emails, web browsing and USB flash drive usage.
Network SecurityDefend the network though firewalls, anti-malware defences etc.

Harden all network infrastructure and servers.

Backups (3-2-1 rule as a minimum)

Local administrator accounts must be complex and unique.

Micro segment the network.

Control/stop USB flash drive usage.
MaintenanceUpdate/patch all anti-malware software and operating systems.
Identity ManagementImplement:
  • the principle of least privilege for user accounts
  • complex password policy
  • multi-factor authentication
  • password renewal policy
  • secure remote user policy (e.g. VPN, Zero trust)
DetectMonitoring Network EventsContinuous monitoring of network traffic through intrusion detection and prevention processes.

Identify cybersecurity events.
RespondResponse PlanDevelop and implement a plan of activities to act on detected cybersecurity events:
  • communicate between cybersecurity team, management and end users
  • implement mitigation strategy
RecoverRecovery Plan Improvements, CommunicationsDevelop and implement appropriate activities to rehabilitate the network:
  • Restore from backups
  • Improve the cybersecurity posture
  • Communicate with stakeholders
  • Don’t pay ransomware

References

Abelson & Goldstein (2015, Feb. 5) Anthem Hacking Points to Security Vulnerability of Health Care Industry. New York Times. https://www.nytimes.com/2015/02/06/business/experts-suspect-lax-security-left-anthem-vulnerable-to-hackers.html

Argaw. S.T., Bempong, N.E., Eshaya-Chauvin, B., & Flahault, A. (2019) The state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review. BMC Medical Informatics and Decision Making, 19(1), 10.  doi:10.1186/s12911-018-0724-5

Argaw, S.T., Troncoso-Pastoriza, J.R., Lacey. D., et al. (2020) Cybersecurity of Hospitals: discussing the challenges and working towards mitigating the risks. BMC Medical Informatics and Decision Making, 20(1), 146.  doi:10.1186/s12911-020-01161-7

Armstrong, D.G., Kleidermacher, D.N., Klonoff, D.C., & Slepian, M.J. (2015) Cybersecurity Regulation of Wireless Devices for Performance and Assurance in the Age of “Medjacking”. Journal of Diabetes Science and Technology, 10(2), 435-438. doi:10.1177/1932296815602100

Billingsley, L. & McKee, S.A. (2016) Cybersecurity in the Clinical Setting: Nurses’ Role in the Expanding “Internet of Things”. The Journal of Continuing Education in Nursing, 47(8) . https://doi.org/10.3928/00220124-20160715-03

Booth, R., Strudwick, G., McBride, S., O’Connor, S., & Solano Lopez, A.L. (2021) How the nursing profession should adapt for a digital future. BMJ, 373:n1190. Doi:10.1136/bmj.n1190

Burns, S. (2021, May 21) Gardaí urge victims to report cybercrime but cannot confirm link to HSE hack. The Irish Times, https://www.irishtimes.com/news/health/garda%C3%AD-urge-victims-to-report-cybercrime-but-cannot-confirm-link-to-hse-hack-1.4571742

Catton, H., & Iro, E. (2021) How to reposition the nursing profession for a post-covid age. BMJ, 373:n1105.

Computer Fraud & Security (2020) Major ransomware campaign targets healthcare facilities in US. Computer Fraud & Security, 11, 1-3.

Coventry, L., & Branley, D. (2018) Cybersecurity in healthcare: A narrative review of trends, threats and ways forward. Maturitas, 113, 48-52. doi: 10.1016/j.maturitas.2018.04.008

Coyne, A. (2016, Oct 28)  Australia’s biggest data breach sees 1.3m records leaked. ITNews. https://www.itnews.com.au/news/australias-biggest-data-breach-sees-13m-records-leaked-440305

Cullen, P. (2021, May 27) Cyberattack: HSE faces final bill of at least €100m. The Irish Times.   https://www.irishtimes.com/news/health/cyberattack-will-cost-hse-at-least-100-million-to-restore-and-upgrade-network-1.4577076

Fiscutean, A. (2020, July 27) A history of ransomware: The motives and methods behind these evolving attacks. CSO Online. https://www.csoonline.com/article/3566886/a-history-of-ransomware-the-motives-and-methods-behind-these-evolving-attacks.html

FortiGuard SE Team (2019, Sept. 25) TrickBot or Treat – Knocking on the Door and Trying to Enter. Fortinet. https://www.fortinet.com/blog/threat-research/trickbot-or-treat-threat-analysis

Gallagher, C. (2021, May 28) HSE confirms data of 520 patients published online. The Irish Times. https://www.irishtimes.com/news/crime-and-law/hse-confirms-data-of-520-patients-published-online-1.4578136#:~:text=The%20Health%20Service%20Executive%20has,Financial%20Times%20nine%20days%20ago.

He. Y., Aliyu, A., Evans, M., & Luo, C. (2021) Health Care Cybersecurity Challenges and Solutions Under the Climate of COVID-19: Scoping. Journal of Medical Internet Research, 23(4), e21747. doi:10.2196/21747

Heller, M. (2021, Feb 16) A Conti ransomware attack day-by-day. Sophos News. https://news.sophos.com/en-us/2021/02/16/conti-ransomware-attack-day-by-day/

Jalali, M.S., & Kaiser, J.P. (2018) Cybersecurity in Hospitals: A Systematic, Organizational Perspective. Journal of Medical Internet Research, 20(5), e10059. doi: 10.2196/10059.

Klonoff, D., & Han, J. (2019) The First Recall of a Diabetes Device Because of Cybersecurity Risks. Journal of Diabetes Science and Technology, 13(5), 817-820. doi:10.1177/1932296819865655

Kruse, C.S., Frederick, B., Jacobson, T., & Monticone, D.K. (2017) Cybersecurity in healthcare: A systematic review of modern threats and trends. Technology and Health Care, 25, 1–10. DOI 10.3233/THC-161263.

Luna, R., Rhine, E., Myhra, M., Sullivan, R., & Kruse, C.S. (2016) Cyber threats to health information systems: A systematic review. Technology and Health Care, 24(1):1-9. doi: 10.3233/THC-151102.

Martin, G., Martin, P., Hankin, C., Darzi, A., & Kinross, J. (2017) Cybersecurity and healthcare: how safe are we? BMJ, 358, j3179. doi: 10.1136/bmj.j3179.

Meland, P.H., Bayoumy, Y.F.F., & Sindre, G. (2020) The Ransomware-as-a-Service economy within the darknet. Computers & Security, 92, 101762.

Millard, W.B. (2017) Where Bits and Bytes Meet Flesh and Blood. Annals of Emergency Medicine, 70(3), 17A- 21A. doi:10.1016/j.annemergmed.2017.07.008

Mitre. (2021) Exploit Public-Facing Application. Mitre.  https://attack.mitre.org/techniques/T1190/

Nahm, E.S., Poe, S., Lacey, D., Lardner, M., Van De Castle, B., & Powell, K. (2019) Cybersecurity Essentials for Nursing Informaticists. CIN: Computers, Informatics, Nursing, 37(8), 389-393 doi: 10.1097/CIN.0000000000000570

National Cyber Security Centre. (2021) Ransomware Attack on Health Sector – UPDATE 2021-05-16. Ireland: National Cyber Security Centre, Department of the Environment, Climate & Communications. https://www.ncsc.gov.ie/pdfs/HSE_Conti_140521_UPDATE.pdf

NIST. (2021) Cybersecurity Framework. National Institute of Standards and Technology. https://www.nist.gov/cyberframework/framework

Pal, S., Hitchens, M., Rabehaja, T., & Mukhopadhyay, S. (2020) Security Requirements for the Internet of Things: A Systematic Approach. Sensors (Basel), 20(20), 5897. doi:10.3390/s20205897

Porter, S. (2020, Mar. 19) Cyberattack on Czech hospital forces tech shutdown during coronavirus outbreak. HealthCareITNews. https://www.healthcareitnews.com/news/emea/cyberattack-czech-hospital-forces-tech-shutdown-during-coronavirus-outbreak

Shankar, P. (2021, Apr. 16) All about Ryuk. Cyber Security Works. https://cybersecurityworks.com/blog/ransomware/all-about-ryuk.html

She, A.H., Zarour, M., Alenezi, M., et al. (2020) Healthcare Data Breaches: Insights and Implications. Healthcare (Basel), 8(2), 133. doi:10.3390/healthcare8020133

Shear, M.D., Nicole Perlroth, N., & Krauss, C. (2021, May 13) Colonial Pipeline Paid Roughly $5 Million in Ransom to Hackers. The New York Times. https://www.nytimes.com/2021/05/13/us/politics/biden-colonial-pipeline-ransomware.html

Stockwell, S. (2018) What Nurses Need to Know About Cybersecurity. AJN American Journal of Nursing, 118(12), 17-18. doi: 10.1097/01.NAJ.0000549682.13264.dc

Tully, J., Selzer, J., Phillips, J.P., O’Connor, P., & Dameff, C. (2020) Healthcare Challenges in the Era of Cybersecurity. Health Security, 18(3), 228-231. doi: 10.1089/hs.2019.0123.

Tussing, A.D. & Wren, M.A. (2006) How Ireland Cares: The Case for Health Care Reform. Dublin: New Island.

Waddell, K. (2016, May 10) The Computer Virus That Haunted Early AIDS Researchers. The Atlantic. https://www.theatlantic.com/technology/archive/2016/05/the-computer-virus-that-haunted-early-aids-researchers/481965/

Williams, C.M., Chaturvedi, R., Chakravarthy, K. (2020) Cybersecurity Risks in a Pandemic. Journal of Medical Internet Research, 22(9): e23692. doi: 10.2196/23692.

Yandron, D. (2016, Feb 17) Los Angeles hospital paid $17,000 in bitcoin to ransomware hackers. The Guardian. https://www.theguardian.com/technology/2016/feb/17/los-angeles-hospital-hacked-ransom-bitcoin-hollywood-presbyterian-medical-center

ZDNet (2020, May 15) Hackers preparing to launch ransomware attacks against hospitals arrested in Romania. ZDNet. https://www.zdnet.com/article/hackers-preparing-to-launch-ransomware-attacks-against-hospitals-arrested-in-romania/

Biographies

Margaret Moran Stritch RGN, BSN

Margaret Jean Moran Stritch graduated with a BSN from the National University of Ireland – Galway (NUIG) in 2017 and works as a surgical theatre nurse at University Hospital Limerick.  She is currently completing postgraduate studies in perioperative nursing at the University of Limerick (UL), Ireland.

Margaretstritch@gmail.com

Michael Winterburn MSc, BSc, NCFM

Mike is an experienced lecturer with a demonstrated history of working in the higher education sector. He has a strong education professional focus on computer networks, security & server virtualisation, with research interests in Cloud and Fog/Edge network security. He is also skilled in working with development nonprofit organisations (in Nepal around leprosy & social stigma), e-Learning, analytical skills, and lecturing.

Michael.Winterburn@LIT.ie

Frank Houghton PhD, MPHe, MA, MSc, MA, BA(Hons)

Frank is Director of the Social Sciences ConneXions Institute at Limerick Institute of Technology in Ireland. He has worked in Public Health in the Health Services in both Ireland and New Zealand. He was formerly Chair of the Dept. of Public Health at Eastern Washington University in Spokane, WA.

Frank.Houghton@LIT.ie

Be Sociable, Share!

Comments are closed.