A strategic alliance between Lyft and Blue Cross Blue Shield (BCBS) has become a reality to help ensure that patients are able to arrive to appointments with their doctors; a service that is free to the patient. BCBS is made up of 36 independent and locally operated companies with a total of more than 100 million members with the potential for service needs. Lyft, a ride-sharing company based in San Francisco, is one of the fastest growing ride-sharing companies in the country, currently serving more than 300 cities.
Lyft has created similar alliances with other healthcare organizations in the last few months such as MedStar Mobile Healthcare, Logisticare, Executive Care, National Federation of the Blind and SafeRide Health to name a few. The president and Chief Medical Officer of the BCBS Institute, Trent Haywood, MD, pointed out that eighty percent of all healthcare outcomes are shaped by “social determinants” including transportation.
Mr. Hayword further pointed out that transportation assistance is available for patients receiving Medicaid, but further stated that access to healthcare due to a lack of reliable transportation has put millions of Americans at risk. This mindset clearly influenced the decision-making leading up to the partnership between BCBS and Lyft. “A strategic alliance with Lyft will allow us to positively impact and improve Americans’ health nationwide” said Haywood. He further stated that BCBS companies “have always been committed to local communities-and solving the most pressing healthcare challenges facing our country.”
At this point, more than 200,000 systems have felt the sting of malware known as WannaCry; a ransomware attack that began on Friday May 12th of this year. This attack has led to doctors being blocked from access to patient files and charts and has even resulted in patients in desperate need of help being sent away from emergency rooms.
International efforts are now taking place to track down the criminals who are responsible for such an unprecedented global attack. The United States, Russia and the United Kingdom were among the 150 or more countries that were affected by the virus and investigators are working tirelessly to track down those who are responsible for this latest attack.
In the United Kingdom, authorities are scrambling to upgrade their security software fearing that another attack capitalizing on the same vulnerability could be imminent. In the meantime, UK’s National Health Service (NHS), the Government of the United Kingdom, and many other governments are faced with answering questions concerning preparedness against further attacks and the viability of systems that are currently set in place.
Meanwhile, cybercrime specialists working for Europol are offering support for countries affected by the virus and have launched their own investigation to try and track down the culprits in this case. Cyber criminals often believe that they are working completely anonymously, but investigators have assured the public that they have tools to bring these criminals to justice.
A British cyber-specialist, known as Malware Tech, has been called an “accidental hero” after registering a domain name that stopped the virus from spreading unexpectedly. The action taken by Malware Tech prevented the spread of the virus to more than 100,000 computers throughout the world.
In England & Scotland, hospitals were forced to cancel medical procedures after last Friday’s attack brought down dozens of NHS systems. Medical staff on hand at the time of the attack reported watching as computers went down “one by one,” taking hold of them, locking them down and demanding money to release data.
Recently here in the United States, reports have shown that it can take from several months to several years for a healthcare system to discover and report a breach to the Health and Human Services department. That same report showed that it took so long to report breaches in patient data because it sometimes took several years to even identify a breach. Analyzation of the report pointed out that healthcare organizations currently spend only about 10 percent of what other major industries in the U.S. spend on securing their data. With that in mind, it’s highly likely this story will continue to unfold in the near future.
A recent Verizon Data Breach Investigations Report pointed out that nearly ¾ or 72 percent of the malware attacks on the healthcare industry came in the form of ransomware in 2016. But the results might not be too difficult to believe since the healthcare industry currently remains one of the largest targets in the U.S. Because hackers understand that data is such an integral piece of the healthcare experience, ransomware has become one of their biggest threats.
Attacks using ransomware have doubled and are currently the fifth most common malware in use according to the report by Verizon. The second most targeted enterprise was the financial sector with 24 percent of all issues in 2016. The Verizon report considered the more than 2,000 attacks in 2016 and found that the healthcare industry was breached 458 times, with 286 of the breaches including improper data disclosure.
The authors of the Verizon report pointed out that “healthcare has the unenviable task of balancing protection of large amounts of personal and medical data with the need for quick access to practitioners.”
The ransomware virus first reared its ugly head last year in February with an attack on the Hollywood Presbyterian Medical Center. This attack caused the center to sound an internal emergency and eventually led to the payment of $17,000 to hackers; just so that they could ultimately regain controls of their own systems.
A report from Symantec also had similar findings showing that ransomware numbers had increased by 36 percent during 2016. According to this report the number had increased from 340,000 in 2015 to 463,000 in 2016. While detections of ransomware through antivirus software was still a smaller percent of overall attacks; it’s clear that there was a rise in ransomware detections during 2016. That same report also pointed out that one in 131 emails received contained a link or an attachment that was malicious; which was the highest rate in five years.
The rise in ransomware during 2016 may have been affected by the release of Ransomware-as-a-Service. Developers with criminal intent created ransomware kits that are customizable and can be tailored to a specific industry. These “kits” are provided to hackers free-of-charge by the developers in exchange for a percent of the ransom paid.
“Cybercriminals concentrate on four key drivers of human behavior to encourage individuals to disclose information: eagerness, distraction, curiosity and uncertainty. As our report shows, it is working with a significant increase in both phishing and pretexting this year” said Bryan Sartin from Verizon. The fact that bad actors seem to understand human psychology and human behavior appears to imply that the problem won’t be going away soon.