Ever since WannaCry, the healthcare industry has known just how dangerous ransomware can really be. However, practices keep getting hit – as is the case with the Olean Medical Group. Have you learned the right lessons from incidents like these?
Ransomware is a growing problem for healthcare organizations of all sizes – in fact, almost half of all ransomware incidents reported last year targeted healthcare companies.
Aggressive strains like WannaCry are becoming more and more common, while many healthcare organizations continue to fail to take the appropriate steps to protect themselves.
It’s been over two years since the WannaCry ransomware worm struck on Friday 12 May 2017, encrypting data and locking staff out of systems at roughly a third of NHS trusts in England along with hundreds of GP practices. By the end of that weekend, WannaCry had infected hundreds of thousands of computers in around 150 countries.
Despite the extent of that attack, the world still doesn’t seem prepared to defend itself against ransomware. Case in point – the Olean Medical Group.
While the exact details of the New York state ransomware attack from earlier this month are unclear, Olean Medical Group staff went without access to their systems and to the records of over 40,000 patients until the group paid the attackers. Olean Medical Group CEO Christine Strade confirmed that the group did, in the end, agree to pay, and it has been working since then to regain access to its data and systems.
In the meantime, staff members had to maintain patient files in hard copy, with pen and paper. Olean Medical Group has since hired Kivu, a cybersecurity forensic company, to investigate the attack.
Even without talking to Olean Medical Group or Kivu directly, a few key lessons can be learned from this incident…
It raises a question: have you established a relationship with local law enforcement? They can be a big help in situations like this, and you don’t want the first time you talk to them to be when you’re trying to protect your data and scrape together the money to pay a ransom.
While we do have three tips listed below, the theory behind this kind of defense has two key aspects: prevention and response.
In prevention, you need to make sure your staff understands how ransomware works and how it usually gets onto a victim’s network: by tricking an unsuspecting user into opening an attachment or clicking a link in an email that carries the malware. Keep in mind that this is not the only route. WannaCry spread on its own by exploiting an unpatched Windows file-sharing (SMB) flaw, which is why keeping systems patched belongs in prevention as well.
In response, it comes down to disaster recovery and incident response. If you have your data backed up, are you testing recovery procedures regularly? A backup you have actually restored from, kept offline or otherwise out of reach of the ransomware, means an encrypted server is a recovery exercise rather than a ransom negotiation: you clean the affected machines, then replace the encrypted data from the backup. A backup you have never tested, or one sitting on the same network share the ransomware encrypted, gives you no such option.
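One way to make “are you testing recovery regularly?” a routine check rather than a hope is to keep a hash manifest alongside each backup and verify every restore against it. The script below is an added example, not code from the original article or from Olean Medical Group, Kivu or Kraft Technology Group. It assumes a simple backup layout (a directory tree plus a manifest of SHA-256 hashes written at backup time); the sample patient files and the simulated ransomware tampering are constructed here so it runs offline.

```python
"""Restore-test a backup against a SHA-256 manifest.

Added example (assumed layout: a directory tree plus a manifest written at
backup time). The sample files and the simulated "encrypted" restore are
constructed for the demo; they are not real records.
"""
import hashlib
import json
import os
import shutil
import tempfile


def sha256_file(path):
    """Hash a file in chunks so large backup members don't load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root):
    """Walk a directory tree and record the SHA-256 of every file, keyed by
    path relative to the root. Run this at backup time and store the result
    with the backup (ideally on separate, write-once media)."""
    manifest = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = sha256_file(full)
    return manifest


def verify_restore(restored_root, manifest):
    """Compare a restored tree against the manifest.

    Returns the files that are missing, modified or unexpected. Modified
    files are the signature of a backup that was encrypted in place;
    unexpected files (renamed *.locked members, ransom notes) are another.
    """
    found = build_manifest(restored_root)
    missing = sorted(p for p in manifest if p not in found)
    modified = sorted(p for p in manifest if p in found and found[p] != manifest[p])
    unexpected = sorted(p for p in found if p not in manifest)
    return {
        "missing": missing,
        "modified": modified,
        "unexpected": unexpected,
        "ok": not (missing or modified or unexpected),
    }


def demo():
    """Build a constructed sample backup and restore it twice: once cleanly
    and once after simulated ransomware tampering. Returns both results."""
    work = tempfile.mkdtemp()
    try:
        src = os.path.join(work, "source")
        os.makedirs(os.path.join(src, "patients"))
        # Constructed sample data, not real patient records.
        with open(os.path.join(src, "patients", "chart-001.txt"), "w") as f:
            f.write("constructed sample chart\n")
        with open(os.path.join(src, "schedule.csv"), "w") as f:
            f.write("date,room\n2019-01-01,A\n")
        manifest = build_manifest(src)
        # In practice the manifest is written next to the backup as JSON.
        manifest = json.loads(json.dumps(manifest))

        clean = os.path.join(work, "restore-clean")
        shutil.copytree(src, clean)
        clean_result = verify_restore(clean, manifest)

        tampered = os.path.join(work, "restore-tampered")
        shutil.copytree(src, tampered)
        # Simulate ransomware: overwrite one file with ciphertext-like bytes
        # and drop a ransom note into the tree.
        with open(os.path.join(tampered, "schedule.csv"), "wb") as f:
            f.write(os.urandom(64))
        with open(os.path.join(tampered, "README_DECRYPT.txt"), "w") as f:
            f.write("constructed ransom note\n")
        tampered_result = verify_restore(tampered, manifest)
        return clean_result, tampered_result
    finally:
        shutil.rmtree(work)


if __name__ == "__main__":
    clean_result, tampered_result = demo()
    print("clean restore ok:", clean_result["ok"])
    print("tampered restore:", tampered_result)
```

The point of the manifest is that a restore test passes only when every file comes back byte-for-byte; a backup job that silently copied already-encrypted files, or a backup volume the ransomware reached, fails the check before you need it in anger.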
When developing your ransomware defense, keep these three recommendations in mind:
Beyond simple security updates, it’s worth noting that ransomware most often gets into a network through conventional phishing, in which a fraudulent email asks the recipient to download an attachment or click a link. That’s why it’s important to make sure your staff knows what to look for: unexpected attachments, especially executable ones or files with double extensions, and links whose visible text doesn’t match where they actually lead.
Send out a company-wide memo. Make sure it comes from someone who won’t/can’t be ignored. It should say something like…
It is imperative that you follow these guidelines on ALL work computers and ANY personal devices used for work to protect against ransomware.
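Staff awareness is the first line, but the same two patterns (a risky attachment, a link whose visible text points somewhere other than its real target) can also be checked mechanically at the mail gateway or by whoever triages reports. The script below is an added example, not code from the original article or from Kraft Technology Group. It uses only Python’s standard `email` and `html.parser` modules; the sample message is constructed, and the list of risky extensions is an assumed starting policy rather than a complete one.

```python
"""Triage an e-mail for the two phishing patterns discussed above.

Added example. RISKY_EXTENSIONS is an assumed starting policy; the sample
message in build_sample() is constructed, not a real phish.
"""
import email
import re
from email import policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed policy: attachment types that should never arrive unsolicited.
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".hta", ".bat", ".cmd",
                    ".lnk", ".docm", ".xlsm", ".iso"}
# Visible link text that looks like a hostname or URL.
HOST_RE = re.compile(r"^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:/\S*)?$", re.I)
IPV4_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def attachment_findings(msg):
    """Flag executable types and double extensions such as invoice.pdf.exe."""
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        pieces = name.split(".")
        if len(pieces) > 1 and "." + pieces[-1] in RISKY_EXTENSIONS:
            findings.append(f"risky attachment type: {name}")
        if len(pieces) > 2:
            findings.append(f"double extension: {name}")
    return findings


def link_findings(msg):
    """Flag links whose shown hostname differs from the real one, and links
    to bare IP addresses."""
    findings = []
    body = msg.get_body(preferencelist=("html",))
    if body is None:
        return findings
    collector = LinkCollector()
    collector.feed(body.get_content())
    for href, text in collector.links:
        real_host = (urlparse(href).hostname or "").lower()
        shown = HOST_RE.match(text)
        if shown and shown.group(1).lower() != real_host:
            findings.append(f"link text {text!r} points to {real_host}")
        if IPV4_RE.match(real_host):
            findings.append(f"link to bare IP address: {real_host}")
    return findings


def triage(raw_message):
    """Parse an RFC 5322 message and return a list of human-readable findings."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    return attachment_findings(msg) + link_findings(msg)


def build_sample():
    """Constructed phishing sample: lookalike link plus a disguised executable."""
    m = EmailMessage()
    m["From"] = "billing@example.com"
    m["To"] = "frontdesk@example.org"
    m["Subject"] = "Overdue invoice"
    m.set_content("Please review the attached invoice.")
    m.add_alternative(
        '<p>Review your account at '
        '<a href="http://198.51.100.7/login">portal.example.org</a>.</p>',
        subtype="html")
    m.add_attachment(b"MZ constructed placeholder, not a real binary",
                     maintype="application", subtype="octet-stream",
                     filename="Invoice_4471.pdf.exe")
    return m.as_string()


if __name__ == "__main__":
    for finding in triage(build_sample()):
        print(finding)
```

Run against a saved `.eml` by passing its contents to `triage()`. The checks are deliberately simple and will miss plenty (macro documents with innocent names, links through redirectors), so treat hits as reasons to call the sender, not as a complete filter.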
If you’re not sure how to protect yourself against ransomware and other cybercrime threats, don’t try to “fake it ’till you make it”. Consult a Nashville healthcare IT company like Kraft Technology Group if you’re unsure about the state of your healthcare organization’s ransomware contingencies.