There are certain days that are branded in your memory, that shape you as a leader and a person. For me, June 15, 2019—the day the hospital I serve as CEO was hit with a cyberattack—is one of those unforgettable days.
Unfortunately, the threat of a cyberattack and the steep costs associated with them have only skyrocketed since my organization was impacted. Today, in light of the intensifying conflict between Russia and Ukraine, businesses are facing “perhaps the most acute cyber risk U.S. and western corporations have ever faced,” according to a Harvard Business Review analysis.
In these volatile times, evaluating your current cybersecurity measures should be a priority of every organization, no matter its size. My organization had some measures in place prior to the ransomware attack, but it still created a major crisis within our organization. I share our story and the lessons we learned from the cyberattack in hopes that it will create a sense of urgency among my fellow leaders to take steps now to protect their organizations.
We were first alerted to the attack on a Friday at midnight. At that time, we thought it was maybe just a few servers that had been tampered with by ransomware, a software that encrypts a victim’s digital files. By Sunday night, we realized the full extent of the attack. The hackers demanded the bitcoin equivalent of $1 million to decrypt the files.