Ransomware attacks targeting healthcare facilities have been big business for hackers recently. Details about patients, their conditions, and their health-related financial information can be held hostage and because of the incredibly sensitive nature of the info, hospitals and clinics may be more willing to pay cyber criminals when this data is held hostage.
Because this can literally be a life or death scenario if medical professionals can’t access the data they need, some medical facilities have paid these ransoms, furthering the likelihood that they will continue to be seen as soft targets by cyber criminals. Despite the magnitude of this threat, there are actions that can be taken by medical organizations to protect from these types of attacks or minimize the impact of one.
- Train employees adequately: One of the biggest ransomware threats comes from phishing emails. Cyber hygiene relates to practices that limit the amount of risk employees expose themselves to and respond appropriately when they encounter something suspicious. Phishing emails often have certain red flags, although they may not always be elements that users pay attention to, so adequate training on how to spot suspicious emails and links can drastically reduce the likelihood of a risk.
- Create an incident response plan: While this doesn’t necessarily prevent an attack, if an organization thinks through a response plan for this scenario, it can certainly help them to minimize the impact. By creating a prioritized list of how to deal without certain systems and knowing how long the organization can afford to have each one down, IT response teams may be better prepared for restoring access in an orderly fashion. And just as with any response plan, it is best to test the ransomware attack plan as well, provided it can be done in a way that does not have a negative impact on patient care.
- Don’t cut corners on security: Being well-defended means that healthcare organizations must be ever vigilant. This means hiring the right people and working with the right vendors. While it can be costly, devoting the right resources to network security will go a long way in the fight against an attack. Knowledgeable staff and strong partnerships with established vendors often leads to better network analysis and identification of weak points.
- Ensure the network is maintained appropriately: Getting the best network security equipment is only half of the story though. In order for it to perform at its best, software updates must be completed in a timely manner on all security devices. There should also be regular monitoring and inspection of network traffic.
- Restrict access: Employees and contractors should only be allowed access to the systems that they need to complete their jobs. Further, access should be revoked when a user no longer needs it or leaves a company. In addition to system access, restricting activities such as execution and installation of files can prevent ransomware from accessing file paths that it otherwise may be able to. Along these same lines, requiring passwords on shared resources can also stop a ransomware attack in its tracks.
- Backup Data: Perhaps the best action a medical facility can take in the event of a ransomware attack is to have their data already backed up. While this sounds simple, it isn’t done in many instances. This is why hospitals end up paying ransoms; they need Providing for the backup and synchronization of data is crucial, and when possible, it should occur in real time. If there is an alternative option to access the data, cyber criminals have no motivation to conduct an attack.
- Move to a SaaS system: While this step is in direct contradiction to the old IT paradigm of trying to keep data secure by controlling it in-house, healthcare IT is moving forward, and like most everything else, it is becoming more interconnected. This makes it challenging to hire and keep network security experts with adequate security knowledge at one facility, especially for smaller clinics and care facilities. In contrast, cloud providers can often ensure a greater level of security and expertise due to their large-scale operations. This is often where the data will be best protected.
[Learn More about: Cloud Security and Data Protection in Healthcare]
While the threat of a ransomware attack can never be completely removed, practicing good IT measures is a key element in managing the threat. Ultimately, ensuring access to critical patient information is a key component in providing quality patient care, meaning that medical organizations must take the right safeguards to mitigate this threat.