What threats does the health care industry face? The health care industry is particularly vulnerable to cybercrime given its dependence on electronic health information and antiquated security systems. Apart from data breaches, health care institutions face a more recent threat in the form of ransomware. This is “a type of malicious software designed to block access to a computer system until a sum of money is paid.” Ransomware attacks and its effects put patients’ lives at risk.

A cyberattack can happen in the blink of an eye or with the click of a mouse. A mid-level patient records administrator receives an email inquiring about an employment opportunity. Although he is not expecting any applications, and he is not a point of contact for employment inquiries, the administrator opens the résumé anyway. While he is reviewing the applicant’s credentials, a cyber-criminal’s malware is delivered to the hospital’s network. The malware quickly captures the administrator’s login credentials, and because he has broad administrative rights to company systems, the malware quickly spreads across the hospital’s network and encrypts patient data. The attack is catastrophic. Patient records become unavailable and health care providers are forced to turn new patients away. Law enforcement is called in but they cannot solve the problem. The hospital must pay the ransom.