Chances are you’ve been hearing a lot about cyberattacks and specifically ransomware in healthcare lately. Attackers take over systems and encrypt files, demanding payment in Bitcoin. They often get away with it.
Attacks like the recent ones on Universal Health Services and ERT that make the papers are just the tip of the iceberg. No one wants to report that something like this happened to them.
Until recently, I had assumed that such attacks were really hard to stop. Some are. But it turns out there are often many ways to thwart ransomware, and often hours or even days in which to do so.
I asked security experts at Gamayan to analyze the UHS attack and was amazed that they found at least 28 ways it could be stopped. Check out the UHS ransomware case study that breaks down the attack and potential response step by step.
If you want to learn how to prevent such attacks at your organization, contact me.
Here’s the timeline of the attack:
16:37 Bazar Malware Executed (Remote IP)
16:48 Domain discovery commands
17:06 Registry discovery commands
17:28 More domain discovery and network checks to domain controllers
17:41 AdFind used to map Active Directory
18:49 Checks again for domain trusts and AdFind using Bazar (FTP exfiltration to remote IP)
20:12 First lateral movement attempt with WMIC (SMB transfer, Multiple payloads tried)
20:23 P64.exe Cobalt Strike beacon run on beachhead host (Remote IP)
21:04 Second P64.exe Cobalt Strike beacon dropped on beachhead host (New remote IP)
21:09 Next lateral movement attempt via a service and PowerShell (First Successful Lateral Movement)
21:10-22:06 Continual lateral movement using Cobalt Strike beacons via SMB across the environment
21:43 Windows Defender begins to be disabled using PowerShell commands
21:45 First RYUK ransomware executable transferred to the backup system (Ryuk Executed)
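The timeline leaves roughly five hours between the first discovery commands and the Ryuk transfer. As an added example (not from the Gamayan case study or the original post), the Python below runs detection rules for four of those stages over constructed process-creation events and reports which hosts to escalate and how long the response window was. The hostnames, log format and command-line patterns are assumptions for illustration.

```python
import re
from datetime import datetime

# (stage, fires alone?, pattern). Stages follow the timeline above; the
# command-line patterns are illustrative assumptions, not case-study indicators.
RULES = [
    ("domain_discovery", False, re.compile(
        r"\bnltest(\.exe)?\b.*/(domain_trusts|dclist)|\bnet1?(\.exe)?\s+group\b.*/domain", re.I)),
    ("adfind", False, re.compile(r"\badfind(\.exe)?\b", re.I)),
    ("wmic_remote_exec", False, re.compile(
        r"\bwmic(\.exe)?\b.*/node:.*process\s+call\s+create", re.I)),
    ("defender_tamper", True, re.compile(
        r"Set-MpPreference\b.*-Disable\w+\s+\$?true", re.I)),
]

# Constructed process-creation events, one per line: "HH:MM host command line"
SAMPLE_LOG = """\
16:48 WS-014 nltest /domain_trusts /all_trusts
16:50 WS-014 net group "Domain Admins" /domain
17:41 WS-014 adfind.exe -f objectcategory=computer
19:02 WS-022 outlook.exe /recycle
20:12 WS-014 wmic /node:"SRV-BKP01" process call create "example.exe"
21:43 SRV-BKP01 powershell.exe Set-MpPreference -DisableRealtimeMonitoring $true
"""

def detect(log_text):
    """Return (time, host, stage, fires_alone) for every rule match."""
    hits = []
    for line in filter(None, map(str.strip, log_text.splitlines())):
        ts, host, cmd = line.split(" ", 2)
        when = datetime.strptime(ts, "%H:%M")
        hits += [(when, host, stage, alone)
                 for stage, alone, rx in RULES if rx.search(cmd)]
    return hits

def escalate(hits, min_stages=2):
    """Hosts with several distinct stages, or any stage that fires alone."""
    stages, urgent = {}, set()
    for _, host, stage, alone in hits:
        stages.setdefault(host, set()).add(stage)
        if alone:
            urgent.add(host)
    return sorted(h for h, s in stages.items() if len(s) >= min_stages or h in urgent)

def response_window_minutes(hits, impact="21:45"):
    """Minutes between the first detected event and the ransomware transfer."""
    first = min(h[0] for h in hits)
    return int((datetime.strptime(impact, "%H:%M") - first).total_seconds() // 60)
```

Correlating distinct stages per host keeps a single `net group` lookup by an administrator from paging anyone, while Defender tampering escalates on its own.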
When Dave Terry started his career in healthcare three decades ago, he noticed something odd and disturbing. The fee-for-service model meant doctors were paid for quantity, not for quality or cost effectiveness. Since then he’s been working to do something about it: for the first twenty years at American Practice Management, then Partners Healthcare and Harborside Healthcare. He made progress, but also learned the limitations of acting against entrenched interests.
For the last decade he’s gotten even more serious, co-founding Remedy Partners in the wake of the Affordable Care Act and then Archway Health, where he is CEO. Archway helps physicians jump into the meaningful risk-based payment models that are finally on offer from the Feds and private carriers.
I compared Dave’s quest to the Thirty Years’ War, but reminded him that there was a Hundred Years’ War, too, so he better gird himself.
I met Dr. Kevin Churchwell, the new CEO of Boston Children’s Hospital, a few years ago. He impressed me then, and I’m excited that he has been named as the new CEO, following the retirement of Sandy Fenwick.
He’s a physician and business leader, and has already run a prestigious pediatric academic medical center, the Nemours/Alfred I. duPont Hospital in Wilmington, DE.
As a parent of kids who have received incredible care there, I have a special fondness for Children’s. I’m excited by this choice of CEO.
Hospitals need to perform elective procedures to make money, but with the first wave of the pandemic still in process and a second wave possibly on its way, patients are in no rush to return. In this interview, eVideon CEO Jeff Fallon opines on what’s ahead.
Hospitals are currently preparing for a “second wave” of non-COVID-19 patients who were forced to delay care – but even though restrictions are easing, people may continue to stay away. How do you think this will impact hospitals? Patients?
Hospitals will surely welcome their revenues turning north towards normal as this begins. But it’s clear that many will still be concerned about the risk of infections. I read a new survey by the Society for Cardiovascular Angiography & Intervention, which showed that 61% of Americans over 30 years of age are more afraid of COVID-19 than a heart attack, and that 36% consider just going to a hospital risky behavior. With those kinds of stats in mind, hospitals are facing a new complexity in the level of trust with patients who so urgently need this delayed care. Patients will be looking for visible signs that the new normal for hospitals is tuned for their protection in a near post-pandemic reality. Things like ubiquitous PPE and hand sanitizer, hyper-clean environments, and use of new technologies that reduce risks of contagion will be vital evidence that gives confidence to the worried.
How can provider organizations persuade patients it is safe/important to start coming back in for elective procedures and routine treatments?
Many hospitals have developed tremendous marketing competencies and I expect they’ll do an amazing job in telling their communities about the important preparations they’ve made for this new normal. Those marketing messages are an essential start but even more important is the visible, tangible evidence of the commitment to safety when patients come back to the campus for care. They’ll surely tell two friends who tell two friends and so on as the slogan goes. Visible investments in new care tools like telehealth and virtual engagement solutions that enable excellent and thoughtful care from a healthy distance are examples of this. Touchless digital whiteboards that present vital information dynamically updated in the room are another.
What role will digital engagement platforms have in helping providers communicate effectively with patients returning for care?
The usual face-to-face communication comes with risks which have become front page news during recent months of this pandemic. Digital patient engagement platforms enable patient understanding of their clinical condition through delivery of personalized video education and now live face-to-face communication via video visits. Now more than ever the ability to effectively educate and communicate from a safe distance is vital for hospitals that seek to deliver higher quality, more satisfying care than ever before even in a post pandemic world. But the urgency for this reaches a new high as worried patients return to healthcare campuses for the vital and necessary care they have put off while remaining in place.
How will the bedside experience be different for patients post-pandemic? How can hospitals ensure the safety of patients and providers?
Virtualization of many common processes like patient meal ordering, nurse rounding, patient feedback, room controls like temperature and lighting are a necessity post-pandemic. The mandate for satisfaction and quality of care isn’t going away, so the hospitals that thrive post-pandemic will be those that excel at using these kinds of digital tools to maintain high performance while minimizing potential for exposure. Visitation policies might never be the same again. But the urgent need for us all to feel closer to those we love only increases when health and lives are at risk. So the need will remain very high for virtual visits between hospitalized patients and loved ones who can’t enter the hospital or even for doctors and nurses to stay at a safe distance while they consult with those hospitalized patients and their families who may be anywhere in the world.
How is eVideon helping hospitals improve patient engagement and education both inside and outside the hospital?
eVideon’s core value proposition for decades has been to enable nurses to better engage patients in their own care through strong interfaces to core healthcare IT tools like the EMR. This has always been about automatically prompting patients to complete personalized video education prescribed by the care team for that patient based upon admission details. This virtualization has always afforded the nursing staff high levels of efficiency, but the pandemic made very clear that with this efficiency comes a newly-important safe distance. But we’ve also just launched eVideon HELLO, a virtual visit tool that enables hospitals to provide low cost video visits for their patients without the need for app downloads or account setups which have too often turned the nursing staff into tech support for business conference calling apps. Finally, we brand HELLO for hospitals so the patients clearly know who is making this incredibly important patient experience tool available to them.
What are your recommendations for hospital executives who would like to support patients in managing their care during this time of crisis?
Go all-in on digital health tools that drive patient engagement. One doesn’t have to look past the front page of any newspaper, let alone the healthcare press, to see that the businesses (“brick and mortar” or otherwise) thriving through this pandemic are those leveraging strong digital strategies, and that will continue. And though the pandemic pushed digital/virtual to become a global business necessity, the delivery of care will not escape digital transformation after the virus abates. Hospitals that invest now in thoughtful digital health strategies will be best positioned to help nervous patients return for delayed care and they’ll be the providers of choice even beyond those who worry. Finally, new digital capabilities enable hospitals to meet more patients more efficiently wherever they are physically, emotionally or clinically; and that’s a smart digital strategy for today and forever.
It’s no surprise that auto insurers like State Farm and Geico are sending rebates to customers this spring and summer. No one’s driving, so accident claims are way down and insurers are paying out very little. No one expects drivers to make up for lost time by crashing their cars more often once they return to the roads. That means a dollar saved now on claims is a dollar saved forever. Insurance companies and state insurance commissioners realize this, too, and that’s why the rebates are coming.
But you might be surprised that health insurers, starting with UnitedHealth, are beginning to do the same thing. United is offering a 5 to 20 percent credit on June billing statements, which is the same order of magnitude as the auto insurers.
So the questions are:
Aren’t insurers spending a fortune on the surge of COVID-19 patients as they overwhelm the medical system?
What about the coming surge of deferred elective surgeries and the ‘train wrecks’ with acute or chronic conditions that have stayed away from the emergency room and doctor’s office? Won’t insurers need the money to pay for those when they return?
And the answers?
Insurers are spending a lot on some COVID-19 patients. Big bills are rolling in for hospitalized patients, especially those that land in the ICU and are on ventilators for weeks. But even though a lot of people are sick, it’s only the hospitalized patients that incur expenses. With no costly outpatient or drug treatments, overall COVID-19 costs are not so high. Also, many of these patients are older (Medicare) or poorer (Medicaid), not in United’s commercial markets, where the rebates are focused.
Other than COVID-19, the medical system is eerily quiet. Essentially the only other bills are for telemedicine, some cancer treatments, and medications for chronic illness.
We do hear about a coming ‘second wave’ of non-COVID-19 patients later this year as hospitals reschedule elective surgeries, people who have been avoiding the emergency room come back in worse shape, and chronic care patients incur more intensive treatments after declining.
These assumptions are driven by a combination of what seems like common sense, clinician desires to help patients, and wishful thinking by hospital financial chiefs.
But UnitedHealth knows something that others don’t: utilization and costs are not going to rise as fast as people assume. So insurers are getting out ahead of it before regulators, the ACA medical loss ratio requirements, and public opinion force their hand.
They will be in for a rude surprise, however, because many people will continue to stay away. Instead patients will use telemedicine, pursue less aggressive treatments, or just wait for time to heal what ails them. For years, healthcare experts and insurers have known that hospital care is over-utilized and sometimes dangerous. Now COVID-19 has done what co-pays, deductibles and hospital safety reports never could – keep patients away.
It’s no surprise that elective procedures and routine visits have plummeted. After all, hospitals canceled them. Surprisingly, the use of emergency rooms in Boston for strokes, heart attacks and appendicitis has also dropped by half during the emergency. Many emergency patients will return, but those with common issues like back pain and rashes will think twice or three times before coming in. Patients who are due for colonoscopies or mammograms will put them off even longer than usual.