What Threat Does Ransomware Pose To Healthcare Organizations?

Ransomware is likely today’s biggest threat to cybersecurity. You hear about it everywhere, along with a range of possible solutions, most of which are defensive – ways to keep the intruders out before they encrypt your files and send you the ransom note.

Ransomware presents serious data integrity and financial concerns for affected healthcare organizations. It works by tricking a user into opening an executable file (either as an email attachment or downloaded from a webpage linked in an email), which then encrypts the victim’s files and holds them for ransom. Under recent changes to the HIPAA rules, a ransomware infection is now a reportable event. As such, it has to be treated the same as a potential breach: it must be investigated, remediated and reported.

Ransomware has quickly become one of the biggest cyber threats to healthcare organizations today, especially given the recent WannaCry epidemic.

It’s been a year and a half since the WannaCry ransomware strain struck on the evening of May 11th, encrypting the data of thousands of healthcare organizations in the UK (including the entirety of the National Health Service) and holding them to ransom. By the end of the weekend, WannaCry had infected thousands of networks in over 150 countries around the world.

Despite the extent of that attack, the world still doesn’t seem prepared to defend itself against ransomware – so what can you do about it?

Be sure to follow these tips to keep dangerous ransomware out of your systems:

Ensure that you have a good backup, a respected antivirus, and up-to-date security patches in place.

These are the fundamentals of a strong cybersecurity defense. Without them, your IT will be vulnerable to a range of threats – it’ll only be a matter of time before you’re hit by ransomware or worse.

Both industry leaders and cybercrime law enforcement members agree that the best defense against ransomware, other types of malware and similar cybersecurity threats is a robust data backup contingency plan. Have you invested in one for your practice? Does it work? When was the last time you tested it?

What Are The Three Keys To Ransomware Defense?

It really comes down to three key aspects – prevention, response and education.

In prevention, you need to make sure your staff understands how ransomware works and how it tends to get onto a victim’s network – that is, by tricking an unsuspecting user into opening an attachment or link in an email that’s carrying ransomware.

In response, it comes down to whether or not you have a data backup. If you do, then it doesn’t matter if your data has been encrypted. You can just replace it with your backup, simple as that. As part of a responsible data backup strategy, it’s important that you periodically test the recovery process of your backup system to ensure that it will work when you need it!

Education means training employees so they understand the cyber security threats they face and their own role in preventing them. Educate your staff on what is expected of them if they encounter a ransomware or malware event.

When developing your ransomware defense, keep these recommendations in mind:

  • Make a considerable investment in a comprehensive backup data recovery solution so that you can restore your data at a moment’s notice when necessary.
  • Train your employees to recognize spoofed and fraudulent emails so that they don’t download a malware-infected attachment and help the attacker encrypt your data.
  • Be sure to make the most of the available resources (both provided online and through expert IT support professionals) to ensure that you’re not overlooking vulnerabilities in your IT security.
  • Your annual Risk Assessment should include network penetration testing (even if you did it last year!), a review of your Employee Security Awareness Training Program and a review of potential new malware threats to your practice that have emerged since your last assessment.

Beyond simple security updates, it’s worth noting that ransomware often gets into systems through conventional phishing schemes, in which a fraudulent email asks the recipient to download an attachment or click a link.

Ensure Your Staff Is Aware

It is critical that security awareness training be an ongoing effort in your organization. It can’t be treated as a “once and done process.” Ransomware and most malware attacks are constantly changing and you must keep your staff informed of the latest threats.

Send out a company-wide memo. Make sure it comes from someone who won’t/can’t be ignored. It should say something like:

Attention All: Ransomware is dangerous to our company… (talk about ransomware’s impact).

It is imperative that you follow these guidelines on ALL work computers and ANY personal devices used for work.

  • If you get an email with a suspicious attachment, even if it is from someone you know, do not open the attachment.
  • Be very cautious of what you click on while browsing. Do not click on random pop-ups!
  • If you accidentally click on a suspicious email or web link, immediately unplug the computer from the network and turn off the Wi-Fi – even before calling IT support.

Work With A Cybersecurity Expert

If you’re still concerned about how to protect your company against ransomware and other cybercrime threats, then don’t try to “fake it till you make it.” Be sure to consult an expert if you’re unsure about the state of your healthcare organization’s cybersecurity defenses.

ACT Networks is proud to use HIPAA Secure Now for risk assessments, and partners with RapidFire Tools as our primary method for investigating the client’s environment. We use Rapid7 for the technical penetration tests and risk evaluations, which gives our clients a 70-80 page report with recommendations highlighting their vulnerabilities and praising good practices. Get in touch with us today to schedule your risk assessment.
