A lot has been publicized about ransomware lately, and for good reason. It’s currently the fastest growing cyber attack. Faceless criminals use malicious software to encrypt files and hard drives of unsuspecting victims, and then demand a ransom to release their information.
While hackers are equal opportunity offenders, they seem to be targeting industries with the most urgent need to pay up. In 2016, utilities and energy services, retail, and healthcare were among the most frequently targeted.
The healthcare industry, for obvious reasons, is the perfect mark for this kind of extortion. The information in their databases provides up-to-date information, which they need in order to deliver critical care. Without quick access to each patient’s health and medical history, healthcare providers would be forced to delay patient care, which could result in death and malpractice lawsuits.
So how can the healthcare industry protect itself? The first thing to do is to shut down the network. While this will cause some inconveniences for its staff, it will prevent the malware from spreading. Hopefully preventive measures have been established in the form of backups, which can be use to restore the data. Otherwise, paying the ransom may be the only option.
Another good practice is security awareness training for employees. With good training and frequent simulated attacks, you keep people on the defensive and scrutinizing each email before opening it.