Ransomware: 5 prevention strategies for healthcare organizations
With reports this week that Hollywood Presbyterian Medical Center in California was forced to pay a ransom of approximately $17,000 to hackers who infiltrated the hospital’s computer systems, concerns over ransomware—and how to prevent similar attacks on other healthcare organizations—continue to grow within the healthcare community.
Security companies such as Data Breach Today and Trend Micro agree that protection begins with prevention and preparation. Below are five tips that healthcare companies can use to stay ahead of the hackers and protect their electronic data from ransomware.
- Educate employees. The majority of ransomware attacks start with a socially engineered email to employees containing harmful attachments or embedded links and entice the user to open or click based on compelling language within the email. Educating employees to avoid opening suspicious messages will help ward off potential attacks.
- Use robust and regular data backup strategies. Organizations who perform regular backups and can rapidly restore systems will be able to recover from attacks more quickly. One of the best ways for healthcare organizations to battle ransomware that locks down servers or other systems is to maintain offsite backups.
- Employ sufficient anti-malware tools. Ransomware is a form of malware, and thus can be blocked on PCs by any anti-virus or anti-malware engine that correctly signature-matches the malicious code. With no protection in place, an infected PC may already have played host to malware designed to steal financial details, launch distributed denial-of-service attacks or relay spam by the time it is detected.
- Protect and monitor your servers. A growing number of ransomware attacks target network servers. Network-based security solutions like IDS/IPS, firewall and breach detection systems can identify inbound/outbound command and control communications, which are a key component ransomware threats.
- Regularly review policies and safeguards. As the scale and sophistication of ransomware and other security threats grow, so must organizational efforts to prevent attacks before they occur. Updating preventive measures and reviewing potential weak spots such as shared-drive policies and access authentication mean less reliance on law enforcement to take down criminal operations or the “integrity” of hackers to restore data after a ransom is reluctantly paid.
While no one can predict if their organization will be affected by ransomware or another sophisticated form of cyberattack, employing a defensive enterprise-wide strategy can help stop hackers before they strike.