Health systems are being warned by federal officials that cybercriminals are preparing to unleash a wave of ransomware attacks designed to lock up hospital information systems, which could hurt patient care just as nationwide cases of COVID-19 are spiking. It is anticipated by federal authorities this attack will occur this weekend.
The attackers are utilizing ransomware known as Ryuk through a network of compromised computers called Trickbot that Microsoft began trying to counter earlier in October.
Ransomware attacks continue to focus on the healthcare industry and specifically, hospitals.
In September, ransomware impacted all 250 facilities of Universal Health Services. The system was required to revert to manual paper and pencil for record-keeping and slowing lab work. Employees described chaotic conditions impeding patient care, including mounting emergency room waits and the failure of wireless vital-signs monitoring equipment.
Also in September, the first known fatality related to ransomware occurred in Duesseldorf, Germany, when an IT system failure forced a critically ill patient to be routed to a hospital in another city.
How to Protect Your Healthcare System from Ransomware Attacks
Healthcare systems should take the following preventative measures to protect themselves from ransomware attacks:
1. Awareness and Training
Awareness and training of cybersecurity should always be an on-going focus for organizations, specifically around phishing scams.
A phishing scam is when criminals impersonate legitimate organizations in an attempt to steal sensitive information. Scammers can use email or text messages. Both can threaten your organization, however, they are entirely preventable if your ENTIRE staff has been properly trained.
2. Keep Backups
The next recommendation is to ensure that all files are backed up, including electronic records.
Organizations should implement a 3-2-1-backup strategy.
A 3-2-1 backup strategy means that you have at least three (3) copies of your data, stored on two (2) different storage mediums, and one (1) copy in off-site storage.
3. Expedite Patching
Security patches or “patches” are small adjustments to software that address vulnerabilities in software that cybercriminals might use to gain access to your organization.
In order to minimize downtime, IT teams should look at opportunities to expedite their patching response plan.
4. Rehearse Protocols
When your team is fully educated and your plan is in place, the next thing to do is to rehearse!
Spend time with your employees rehearsing the IT lockdown protocols and processes. This will allow your team to work out any problems with the processes. It will also ensure that if the time comes for you to implement these processes, this will not be the first time your staff is doing it.
5. Power Down Systems
When not in use, power down IT systems. This will limit the number of potential attacks to your organization.
6. Limit or Prohibit Personal Email
Another tip is to limit or even prohibit the use of personal email.
Personal emails often go unmonitored and therefore are easy targets for phishing and malware attacks. If accessed through a company device, these attempts can infect company machines and provide access to the organization’s secured network.
7. Review Your Incident Response Plan Regularly
If a cyberattack occurs, make sure your team knows how to contact federal authorities if the phones are down or email has been disabled.
It is also important to review your incident response plan and ensure that it’s up to date with key contacts.
Looking for More Insights on Ransomware Attacks?
A lack of focus on cybersecurity can be greatly damaging to an institution and have a direct economic impact.
For more information on ransomware attacks or to learn how Blue and Co. can help your organization, please contact us by clicking here.