The Prospect hack is the 157th cyberattack on a U.S. health care organization this year, said Allan Liska, a ransomware analyst at the cybersecurity firm Recorded Future. Liska said it is also the largest since October 2021, when a ransomware attack, a chain of more than 140 hospitals, to temporarily halt computer operations across the country.
Ransomware is an extremely disruptive form of criminal cyberattack. Hackers attempt to encrypt a victim’s computer files and demand a payment — usually in cryptocurrency — for a program that may make them accessible again. Regardless of whether the victim pays, such attacks can leave victim organizations scrambling for days or even weeks and months to bring their systems back online.
Hospitals often use interconnected computer systems for tasks such as billing and keeping track of patient records. In a ransomware attack, information technology staff often shut down those systems to try to prevent the attack from spreading, forcing health care professionals to suddenly go without those tools.
Ransomware hackers take aim at a wide range of targets they think may pay up, including local governments, police stations, schools, businesses and hospitals. Larger hospital chains may have better cybersecurity, but they also offer hackers the opportunity to threaten more victims, and therefore the chance to potentially make more money.