It’s Only a Matter of Time: Your Hospital is a Ransomware Target
Talk about a scary scenario—hospitals remain high profile and high-value targets for ransomware cyber attacks. It's been an ongoing threat for decades — worldwide and throughout the United States. We’re not a cyber security company, but clients, providers and hospitals voice concerns about their online presence.
Understandably, websites—built for healthcare marketing and communications—are at risk and vulnerable to a ransomware attack. That’s where malicious software does a lock-down and blocks your access and files until a heavy ransom is paid.
Hospitals are a ransomware target…
Cyber attacks directed at hospitals have grown steadily for better than a year. It seems that the WannaCry ransomware attack aimed at financial and hospital targets worldwide may be linked to North Korea.
And, if you want to lose some sleep tonight, picture this: It’s not just your website. Ransomware attacks can lock up medical records, patient electronic medical records, service vendors, backup files and even the phone system. And worse, healthcare email systems, data reporting systems, and equipment and hardware (MRI and other devices) may be vulnerable and need protection.
That’s a tall order. The best idea is to protect against an attack in the first place, especially with a vulnerable version of Microsoft Windows XP. Here are some primary security suggestions:
- For Microsoft Windows users, have an antivirus and personal firewall on each machine
- Connect with Microsoft and download the current version of Security Essentials
- For corporate networks, evaluate Symantec Endpoint Protection, CylanceProtect or similar
- Keep your software and anti-virus programs up to date
- Make frequent backups of key data
- Screen email documents for suspicious attachments
- Train employees regarding malware, scams and dubious links and attachments
If you’re bitten by encrypting ransomware, you or your IT team may be able to:
- Disconnect infected machine(s) from the system or network
- Try removing the problem with your antivirus or anti-malware software
- Identify and evaluate a decryption software cleaning
- Look for a clean and recent backup or restore point
Talk with cyber security industry experts…
Cyber criminals recognize hospitals and healthcare as a large and potentially vulnerable target. Accordingly, professional firms bring the technical skills to support a safer healthcare environment. One such firm—cylance, based in Orange County, CA—specializes in cyber attacks, ransomware, malware and denial of service attacks.
In this case study, published by Cylance, the IT team of Phoenix Children’s Hospital was concerned about adequate protection against malicious activity targeting the facilities 5,000 endpoints. This example describes CylanceProtect to screen sensitive patient and payment information.
Hospitals, health systems and medical practices may be vulnerable to ransomware and other attacks. Facilities are likely to encounter problems and should protect their computers, their investments, and their patient records and privacy. For more in-depth guidance, contact your professional cyber security advisor.
Editor’s Note: Healthcare Success has no business connection with Microsoft, Symantec, Cylance or other vendors. For more information, consult your IT professional or cyber security consultant.