National Rise In Ransomware Attacks Becoming 'National Security Threat,' Compromising Coloradans' Personal Data

(CBS4) - Nationwide, cyberattacks against major corporation are on the rise. Specifically, ransomware attacks are becoming the new type of breach, in which hackers take company computer systems hostage in exchange for big payouts, and CBS4 Investigates found these attacks are hitting people in the Centennial state.

Holly Parker, of Fruita, got a letter in the mail last fall, saying some of her personal information may have been compromised as a result of a ransomware attack. Cybercriminals had infiltrated Blackbaud, a company that stores data for hospitals and schools across the country.

SCL Health's hospitals in Colorado were just a few of those compromised. Holly and her family have been patients at SCL Health's St. Mary's Hospital in Grand Junction for years.

"That's one place that you don't expect your stuff to be compromised by," Parker said.

According to SCL Health, patient Social Security numbers were encrypted, so that data was protected, but names, birthdays, and addresses were compromised. For some other businesses Blackbaud serves, criminals were able to access social security numbers and financial information.

Blackbaud paid the ransom to the hackers, in exchange for assurance the data wouldn't be exposed, which is something the FBI advises against, because there's no guarantee the hackers will stay true to their word.

Now, a nationwide class action lawsuit has been filed against Blackbaud. At least one Colorado resident has joined, because her information was compromised when the attack hit a school she had attended in the past.

Parker says she's considering joining, as well.

"I think they should be held accountable, because you've screwed around with credit, and people's stuff," Parker said.

The attack on Blackbaud is just one example in the rise of cyberattacks nationwide. A recent HIPAA Journal study found there was a 25% increase in health care data breaches in 2020.

These attacks aren't just stealing personal information, they're also infiltrating the crucial systems we rely on every day.

In May, the Colonial Pipeline was attacked. The company reportedly paid millions of dollars to hackers to get gas flowing again.

"This Is Only Going To Get Worse"

CEO of the Institute for Security Technology Philip Reiner has studied these attacks extensively. His organization has even convened a task force to analyze attacks and determine best practices moving forward.

Reiner says the increase in ransomware attacks is rising "to the level of a national security threat." He says hospitals have become major targets, because their operations are a matter of life or death, thus more likely to pay ransoms.

Last year, ransomware attacks shut down operations at several hospitals, including one in Colorado Springs, causing delays in critical treatments for patients.

A crime ring that recently attacked Ireland's health care system -- Conti -- has been found to have targeted at least 16 health care agencies in the United States, according to the American Healthcare Association. The group has attacked 400 companies worldwide.

"So, when you're thinking about how they go after hospitals and put people's lives at stake, where people cannot get access to critical services, they can't get their surgeries that they've had put in place, they can't get in and get their dialysis... is on the aggregate a significant challenge for us and our national security level," Reiner said. "The assertion that the task force would make is that this is only going to get worse."

CBS4's Kati Weiss interviews Philip Reiner. (credit: CBS)

Reiner believes the federal government should create stricter regulations to force companies to institute better cyber hygiene practices to protect citizens' data and critical operations.

"There are of course additional steps in terms of mandating reporting of incidents or mandating reporting of payment, if your company does choose to pay, we think it should be one of those things that you report to the federal government's so that they are in a better position to go after these actors," Reiner said. "At the end of the day, companies can do a great deal to better protect themselves. Each one of us really can do more to ensure that we've got greater security protocols in place, but at the same time, the federal government has got to be going after these actors, and they need more information from all of us who are getting hit by these types of attacks."

Reiner also said the federal government should look at developing baseline standards for companies to follow.

"I think we really do need to see baseline standards that are established for different types of companies obviously critical infrastructure organizations being at the top of that list where there should probably be a set of standards by which they have to operate, because it puts all of our lives, all of our daily businesses, all of our livelihoods at stake," Reiner said.

In the meantime, how can you protect yourself?

"Cyber hygiene is something that everyone can practice. It is simple stuff like ensuring that you have great passwords, or that you have that '2FA,' that two-factor authentication, step in place. Don't click on those links. Don't open that random PDF that somebody you don't know sent you. Those are the tools that these malicious actors count on people not taking the time to think through what they're looking at, and what they're clicking on," Reiner explained. "I would assert that probably the most important thing that everybody can do is really demand that the companies that they're buying products from have these sorts of baseline security measures in place, and that they demand from their public officials, that these things are being prioritized."

Parker had a fraudulent charge on her credit card just days after she received the notice about the Blackbaud attack last fall. She, too, hopes the government will require businesses to implement more cybersecurity measures moving forward.

"I don't think that these businesses today are taking the extra effort to protect customers," Parker said. "With all the technology and stuff out there today, they can do that effort."

SCL Health sent a written statement to CBS4 saying, "SCL Health is committed to protecting the security and privacy of its patients. We continue to be diligent in reviewing, improving, and enhancing security and privacy technologies, policy, and processes, including enhanced contracting and security review of contracted third parties."

Reiner said there are several resources for small businesses to use to practice better cyber hygiene. Click here for that information:

• healthcyber.mitre.org
• cisa.gov/cyber-hygiene-services
• cisa.gov/ransomware

Featured Local Savings

More from CBS News

Color blind glasses help Coloradans who can't experience color

Teens learning to navigate emotions through partnership with CSU

New national tour of "Company" brings modern take on classic tale to DCPA

See the Top 5 counties where state troopers investigated distracted driving crashes