Avoiding a Ransomware Attack
Technological advances have made it easier for patients to access their health information. From a patient-rights perspective, this is good news. However, the bad news is these same advances have enabled cybercriminals to conduct ransomware attacks on healthcare professionals' computer systems, putting private patient health information (PHI) at risk.
Posted in Risk Management on Tuesday, November 15, 2016
Ransomware attacks begin when a cybercriminal sends a healthcare professional an eye-catching email link to contagious attachments. Once a person clicks on the link and downloads the attachment, the computer’s information becomes encrypted and frozen with malware. A “ransom note” then appears on the computer screen, demanding the user pay a ransom in exchange for a key code to unlock the data.
Since early 2016, there have been an average of 4,000 daily ransomware attacks (a 300 percent increase over the 1,000 daily ransomware attacks reported in 2015).1 An estimated half a billion dollars has been paid in ransoms, usually by bitcoin (a digital payment system in which transactions take place between users directly, without an intermediary). In February 2016, Hollywood Presbyterian Medical Center in California revealed that they paid hackers a ransom in bitcoin amounting to the equivalent of $17,000.2
Here are tips to avoid a ransomware attack (or at least minimize its damage if an attack is in process or has occurred):
and periodically review the backup to ensure its integrity and completeness. Some forms of ransomware will remove, encrypt or disrupt backups even in the Cloud. Consider maintaining any backups offline, away from any networks.
- Configure your webmail server to block dubious attachments with extensions like .exe, .vbs or .scr. .
Phishing emails may masquerade as notifications from a delivery service, an e-commerce resource, a law enforcement agency or a banking institution.
- Dangerous hyperlinks can come through social networks or instant messages. Senders may be using hacked accounts to appear as people you trust, including friends or colleagues. .
to help prevent a compromise. This includes antivirus, browsers, Adobe Flash Player and Java.
- . This may stop the ransomware from completing the encryption routine.
if you spot a suspicious program or application running on your computer
Enhance your protection by setting up additional firewall protection. Third-party security suites are available that enhance the security already built into Windows.
to scan compressed or archived files.
that cannot be easily guessed by remote criminals. Set up unique passwords for different accounts and change them on a regular basis, at least twice yearly. Combinations of letters, numbers and special characters are recommended.
so harmful processes won’t be automatically launched from external media, such as USB memory sticks or other drives.
to keep any ransomware infection isolated to your machine.
, such as Bluetooth or infrared ports. Bluetooth has been exploited to stealthily compromise systems. Use wired keyboards to prevent electronic eavesdropping.
Maintaining Awareness is Critical
At times, it can seem difficult to stay up to date with the latest cybercrimes, let alone understand which cyber risks are relevant to you. According to information technology experts, the next generation of ransomware includes the threat of leaking the information if payment isn’t made, so clearly this issue is not going away.
Nonetheless, it is incumbent on you to protect your patients’ PHI and other important practice data. This makes it essential that you remain vigilant and educated about possible ransomware risks.
1. United States Government Interagency Guidance Document, How to Protect Your Networks from Ransomware, available at https://www.justice.gov/criminal-ccips/file/872771/download
2. Ransomware takes millions, baffles law enforcement, http://thehill.com/policy/cybersecurity/270097-ransomware-takes-millions-baffles-law-enforcement