How to Prevent Ransomware from Holding You Hostage

Guest post by Mike Baker, founder and principal, Mosaic451.

Mike Baker
Mike Baker

Over the past couple of months, hospitals and other healthcare facilities have come under siege by cyber-criminals. However, the hackers aren’t after patient data; they never even access it. Instead, they are infecting computers with ransomware, a type of malware that locks down a system and prevents the owner from accessing their data until they pay a ransom, usually in Bitcoin. Among the high-profile attacks that have made headlines:

Although any organization can fall prey to ransomware, lately healthcare facilities have been the primary targets. Some experts feel the problem has reached crisis levels – and hackers are only getting started.

Why Ransomware Attacks are on the Rise

Ransomware is growing in popularity because it is far more lucrative than more traditional cyberattacks where hackers access and steal data. Once the data is stolen, the hacker must find a buyer. Then, the hacker has to negotiate a price. Conversely, in a ransomware attack, the hacker has a built-in “buyer” — the owner of the data, who is not in a position to negotiate on price.

Ransomware is also a simpler and quicker mode of attack than a data breach. Once a hacker has breached a system, downloading a large data set can take some time, during which the attack could be identified and halted. Because ransomware never actually accesses a system’s data – it just locks it down – it works far more quickly and covertly. Victims have no idea they have been compromised until they find they cannot access their system.

Most ransomware does not make its way onto computers through brute-force hacking but via social engineering techniques such as enticing employees to click on phishing emails or insert malware-infected thumb drives into their computers.

Why is the Healthcare Industry Being Targeted?

Healthcare organizations are especially attractive targets due to the highly sensitive nature of their data; unlike in other industries, life-or-death stakes are involved. If an online retailer is hit with a ransomware attack and cannot access their customer data, they would take a financial hit and have to deal with unhappy customers, but in the end, no one would be hurt, and no one would die. However, if a healthcare facility cannot access its patient data, a patient could be given the incorrect medication or treatment, or their treatment could be delayed, resulting in injury and even death.

Additionally, the healthcare industry has unique cyber security vulnerabilities:

What Can Be Done to Stem the Tide of Ransomware Attacks?

Although lackadaisical attitudes towards information technology and cybersecurity are not unique to healthcare, that industry in particular needs a major attitude shift. Providers need to realize that information technology is a critical part of modern healthcare. The notion that information security is everyone’s job must be modeled from the executive suite down to front-line supervisors. Employees should be as thoroughly trained on information security practices and security awareness as they are on sanitary procedures, and this training must be an ongoing process.

Information security threats are continually evolving. It’s difficult for any organization to keep up with the latest cybersecurity threats and devote sufficient human and technological resources to combating ransomware and other cyberattacks. For these reasons, it’s a good idea for healthcare facilities and other organizations to enlist the services of a professional managed security services provider (MSSP). An MSSP can deploy expert on-site security personnel to work in tandem with in-house IT staff and advise on information security policy, employee training, and proactive security measures, and also monitor the organization’s network and immediately respond to breaches if they do occur.

The good news is that most ransomware attacks can be prevented through proactive measures. If an attack does occur, systems monitoring can intercept the malware before it spreads, and secure backups of both patient data and the system will help an organization get back up and running quickly and without having to cave to hackers’ ransom demands.

Write a Comment

Your email address will not be published. Required fields are marked *