The deluge of ransomware attacks on hospitals and other healthcare facilities in 2016 dominated headlines, and healthcare began to look like the industry most susceptible to such attacks. Facilities providing critical care depend on immediate access to up-to-date patient records; without it, delays can lead to malpractice or even death. Under that pressure, healthcare facilities are more likely than most to pay the ransom to get their files back rather than face the consequences of downtime.
As a highly regulated industry, healthcare often puts HIPAA compliance at the top of its list of concerns. Security matters just as much, yet it rarely receives the same attention, a dangerous oversight given the growing number of endpoints on healthcare networks.
BYOD programs that strengthen communication and patient care also expose organizations to ransomware. As data moves beyond the core network, more proactive protections need to be in place: it takes only one click or download by an unwitting employee to compromise the organization's network.
In a report by Ponemon Institute, eighty percent of those surveyed said that their mobile endpoints were the target of malware in the past year. The same study reported “the majority of respondents felt that endpoint devices were the biggest threat to business cybersecurity. Forty-three percent of organizations said that laptops are the greatest endpoint threat, followed by smartphones at 30 percent, tablets at 19 percent, and USB sticks at 6 percent.”
Educating employees to use their endpoint devices safely is vital to preventing ransomware, but there is more that can be done to defend against it.
Critical Steps to Preventing Ransomware
- Back up data daily so that attackers have less leverage to extort healthcare facilities. Store backups securely in the cloud and keep local backups on air-gapped devices. Once a backup has completed, disconnect the drive so it cannot be encrypted during an attack, and test restores periodically so you know the backups are usable.
- Block email attachment types that employees generally do not use, including JavaScript (.js) and VBScript (.vbs) files, executables (.exe), screensaver files (.scr), and Windows shortcut files (.lnk).
- Teach users about double extensions and configure workstations to display file extensions. Windows hides known extensions by default, so PatientRecord.xlsx.scr is shown as PatientRecord.xlsx; with extensions visible, users can spot the executable .scr at the end of the name.
- Office macros are a common delivery mechanism for ransomware. Configure Microsoft Office to block macros, or at minimum to require explicit user permission before they run, and block macros in documents that arrived from the internet.
- Consider disabling Windows PowerShell on workstations where it is not needed, or at least restricting and logging its use, since many ransomware loaders rely on it.
- Use software management tools so that patches are deployed promptly.
- Segment the network so that a single compromised host cannot reach, and encrypt, all of the organization's data.
- Block end users from reaching known malicious sites through the company network, for example at the web proxy or DNS layer.
- Close or firewall all unused network ports on endpoints.
- After training employees on cybersecurity best practices, run simulated phishing attacks to test what the staff has retained.
- Use a next generation endpoint security solution.
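The attachment-blocking and double-extension steps above can be enforced mechanically at the mail gateway rather than left to user vigilance. The following is an added example written for this page, not SentinelOne's code or any product feature. It assumes a gateway hook that hands the check a list of attachment filenames; the blocked types are the five the list names, while the set of "document-looking" extensions used to recognise a double extension is an assumption you should tune to what your users actually exchange. It also handles two details the list does not mention: extensions are compared case-insensitively, and trailing dots or spaces are stripped because Windows discards them when the file is saved.

```python
"""Attachment policy check: block risky attachment types and catch
double extensions such as PatientRecord.xlsx.scr.
Added example for this page; not SentinelOne's code."""
from dataclasses import dataclass

# Extensions the post recommends blocking outright.
BLOCKED_EXTENSIONS = {"js", "vbs", "exe", "scr", "lnk"}

# Benign document types an attacker would imitate in a double extension.
# ASSUMPTION: extend this to match the file types your users exchange.
DOCUMENT_EXTENSIONS = {"pdf", "doc", "docx", "xls", "xlsx", "ppt", "pptx",
                       "txt", "csv", "jpg", "jpeg", "png"}


@dataclass(frozen=True)
class Verdict:
    filename: str
    blocked: bool
    reason: str


def check_attachment(filename: str) -> Verdict:
    """Decide whether one attachment should be dropped at the mail gateway.

    The decision is made on the extension Windows will actually use when the
    file is opened: comparison is case-insensitive, and trailing dots and
    spaces are stripped because Windows removes them when saving a file.
    """
    effective = filename.strip().rstrip(". ")
    parts = effective.lower().split(".")
    if len(parts) < 2 or not parts[-1]:
        return Verdict(filename, False, "no extension")
    ext = parts[-1]
    if ext not in BLOCKED_EXTENSIONS:
        return Verdict(filename, False, f".{ext} is not a blocked type")
    # A blocked type sitting behind a document extension is the
    # double-extension trick; report it as such so the alert is actionable.
    if len(parts) >= 3 and parts[-2] in DOCUMENT_EXTENSIONS:
        return Verdict(filename, True,
                       f"double extension: displays as .{parts[-2]} "
                       f"but runs as .{ext}")
    return Verdict(filename, True, f".{ext} is a blocked type")


def filter_attachments(filenames):
    """Return (allowed, blocked) lists of Verdicts for a message's attachments."""
    verdicts = [check_attachment(name) for name in filenames]
    allowed = [v for v in verdicts if not v.blocked]
    blocked = [v for v in verdicts if v.blocked]
    return allowed, blocked


# Constructed sample attachment names for the demo (not real data).
SAMPLE_ATTACHMENTS = [
    "LabResults.pdf",
    "PatientRecord.xlsx.scr",   # double extension; shown as .xlsx when extensions are hidden
    "Invoice_0423.EXE",         # upper-case extension must still be caught
    "Schedule.docx",
    "update.js",
    "Referral.pdf.lnk ",        # trailing space Windows would drop; still a .lnk
    "README",                   # no extension at all
]

if __name__ == "__main__":
    allowed, blocked = filter_attachments(SAMPLE_ATTACHMENTS)
    for v in blocked:
        print(f"BLOCK  {v.filename!r}: {v.reason}")
    for v in allowed:
        print(f"ALLOW  {v.filename!r}: {v.reason}")
```

Running the block prints four BLOCK lines (the .scr, .EXE, .js and .lnk attachments, with the first and last flagged explicitly as double extensions) and three ALLOW lines. In production the same function would sit behind the gateway's attachment callback, and a blocked verdict would quarantine the message and raise an alert rather than just print.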
Your Healthcare Facility Doesn’t Have to Be a Statistic
Ransomware is evolving into a cunning threat that even well-trained security professionals can miss. That is why every healthcare facility should take steps today to protect itself, its data, and its patients' privacy.
Cybersecurity must be given as much attention as HIPAA compliance because the two go hand in hand. If a ransomware attack occurs, HIPAA's breach notification rules require the incident to be reported when protected health information has been accessed or encrypted. The only exception is when the organization can demonstrate, through a documented risk assessment, that there was a low probability the protected health information was compromised.
Don't become a statistic in 2017. Contact SentinelOne today for a demonstration of our next generation endpoint security platform that can keep your data safe from ransomware.