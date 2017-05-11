sponsored

Ransomware spreads throughout healthcare

Word traveled fast in the aftermath of last year’s ransomware attack on the Hollywood Presbyterian Medical Center in Los Angeles, Calif. Copycats saw a new opportunity to score quick and easy returns and launched their own ransomware attacks against hospitals. Indeed, the attacks increased at such a clip that experts ranked ransomware as the fastest growing malware threat in 2016, with more than 4,000 incidents occurring daily. 

In the crosshairs 

Hospitals are expected to get singled out for attack again in 2017. Simply put, they have more to lose and are viewed as likely to pay to avoid disruptions in patient care. Critical care providers need to maintain uninterrupted access to patient data — meaning access to shared files and databases literally can be a matter of life and death. 

Another reason: personal health information turns out to be 50 times more valuable on the black market than financial information. Some reports have found purloined patient health records selling for as much as $60 per record. 

The cybersecurity threat is magnified by the presence of insecure, legacy computer systems still found in many hospitals and health facilities  — a problem now amplified by the addition of insecure Internet of Things devices added to their networks. 

An ounce of prevention  

In the immediate aftermath of a ransomware attack, hospitals may respond by shutting down their network operations and even moving to paper records for communication and scheduling. But instead of winding the clock back to 1992, organizations can limit the potential damage to the organization by taking proactive steps to bolster their defense. 

For starters, better training is a must. Hospitals are viewed as easy targets by attackers because of a perception that other concerns take priority over general cybersecurity training. Employees need to be made more aware of ransomware and alerted to the danger of phishing emails.  

A checklist should also include: 

  • Regularly patching software - including the operating system, applications and firmware found on digital devices - to stay current on security protections. 

  • Setting antivirus and anti-malware solutions to automatically update and conduct regular scans. 

  • Cautiously assigning administrative access to privileged accounts. Make sure it’s absolutely necessary and then configure access controls accordingly, including file, directory and network-share permissions. If someone only needs to read specific information, they don’t need write access as well.  

  • Disabling macro scripts from office files transmitted over email.  

  • Issuing software restriction policies or other controls to prevent program executions from common ransomware locations.  

Victims can pay the ransom or restore data from backups. So back up data regularly and verify its integrity. Also, ensure the backup is secure and not connected to its associated computers and networks. 

Charles Cooper has covered technology and business for the past three decades. All opinions expressed are his own. AT&T has sponsored this blog post.

