U.S. healthcare organizations are being hit with wave after wave of ransomware attacks, with repercussions that go far beyond the payoff price. These include the erosion of patient trust, data loss and recovery costs, as well as legal and non-compliance fees.
Unfortunately, the tide isn’t going out soon. Healthcare remains vulnerable to ransomware for many reasons — more so than most other industries.
One reason is the rapid adoption of EHRs (electronic health records) without a
Many hospitals are paying the price. UMass Memorial Medical Center, Hollywood Presbyterian Medical Center, Prime Healthcare Management and MedStar Health are just a few healthcare organizations have been victimized by ransomware in the past year.
Ransomware Is A Real And Present Danger
Ransomware is a type of malware that encrypts and locks data, preventing access to systems or applications until a ransom is paid.
At Hollywood Presbyterian, hackers seized patient files and demanded ransom to get them back. Unlike UMass Memorial that chose not to pay the ransom and restored systems with backup files, Hollywood Presbyterian paid up ($17,000 in bitcoins), because it was the fastest way to get up and running again.
In digital healthcare environments that rely on uninterrupted data access to deliver care and make treatment decisions, an ounce of ransomware prevention is well worth a pound of cure. Here are some steps to take:
1. Develop a comprehensive response plan.
Every second counts when it comes to responding to a ransomware attack. Create a detailed plan to respond to this type of attack, including individuals’ specific responsibilities and procedures. Objectives for recovery should also identified.
2. Leverage the latest threat intelligence.
Threats come from many different sources, and you need to be prepared for all. Your detection system is only as good as the information it receives, so it is critical to deploy detection systems that are up-to-date with the latest advanced threats. Build a cybersecurity platform that supports the automated sharing of real-time threat intelligence between security technologies.
3. Backup data regularly.
Ransomware does more than just encrypt data, it also attacks whatever backups it can get at. To prevent this, backup data on storage that’s inaccessible from the same endpoints. Multiple serialized backups are also useful to keeping you covered in the aftermath of a ransomware attack.
4. Educate employees.
Humans are the weakest link in your cybersecurity. Educate employees about the dangers of clicking on links in suspicious e-mails.
5. Authenticate email sources and screen for phishing and malware.
Email is one of the most common paths for a ransomware attack. Screen all incoming emails and attachments. Because many ransomware attacks come disguised in regular PDF attachments, use authentication tools like DomainKeys or Identified Email to verify email senders aren’t spoofs.
6. Ensure that your security systems are talking with each other.
While there are a plethora of cybersecurity solutions available, these products are less useful if they are not able to communicate easily. Hackers can and will find loopholes if programs aren’t fully integrated. API integration also helps the IT team to more readily identify potential problems.
If you need help creating your security defenses, contact DynTek for a complimentary consultation.