Prevention and Cure for Ransomware Threats

The healthcare industry is facing an increasing number of ransomware attacks as attackers shift their focus from the heavily-defended targets of financial and retail industries. Healthcare is steadily being pin-pointed as the easy picks of ransomware attacks, one of the revenue sources for cyber criminals on the prowl for easy money.

Ransomware attacks in the healthcare industry can jeopardize access to important electronic files on patient care, patient history, research data, etc. These scenarios can propel organizations to either pay the ransom demanded or initialize ad hoc measures towards recovery that do not guarantee full reproduction of current data.

Ransomware can be explained as malicious or virus-inducing software that either encrypts or restricts access to files on a computer system until a ransom payment has been made. This petty and fringe cyber attack procedure has grown immeasurably in recent years into a dreaded and widespread epidemic, with a staggering statistic of almost 4,000 attacks per day. Several successful, high-profile attacks on hospitals have warmed the criminals towards preferring to target healthcare providers.

In the year span from April 2015 to March 2016, attacks from ransomware in the healthcare industry have increased a worrying five times that have IT security experts on a heightened state of alert. High-profile attacks have led to payments of thousands of dollars and also at times to inability to access patient records. Unfortunate as they are, these incidents also provide a learning opportunity whereby hospitals and healthcare providers can take lessons to reduce the risk of falling prey to attacks, or in the event of an attack, pointers towards next step.

Here are some steps to help the healthcare industry avoid ransomware attacks:

    • Improving data security preparedness, creating information security programs such as, installing endpoint security software, whitelisting machines, configuring mail servers to block suspected files, and also to delegate work among several servers so that damage can be minimal and restricted, if any.
    • Strengthening the IT security through implementation of best practices data and manuals instructing what is to be done after an attack or steps to prevent an attack. Training employees to respond with immediate primary steps like, disconnecting infected systems, external devices, etc. to prevent the malware from spreading can go a long way
    • Security awareness training for employees in order to educate the staff on how best to protect critical information and data. For example, identifying and avoiding the traps of phishing emails.
    • Developing and employing effective back-up strategies and having a disaster recovery plan will ensure the continued functioning of hospitals in the event of an attack. Regular audits of information processes and checks to ensure that backup files have been archived correctly, keeping back-ups offline are some of these measures.

    In sight of the recent ransomware attacks on hospitals, the FBI has also advised on a multi-pronged approach to malware attackers that include,

    • Implementing software restriction policies,
    • Backing up data regularly,
    • Patching operating systems, and
    • Restricting access to certain key files and directories.

    There’s no single method for complete protection but rather a host of measures that aid towards building a fortified firewall against threats to information integrity. According to FBI Cyber Division Assistant Director James Trainor, ‘… contingency and remediation planning is crucial to business recovery and continuity — and these plans should be tested regularly.’

Share This Article

Written by

Total Views: 685 views