Ransomware & Healthcare

Is your healthcare organization at risk?

Ransomware is not going away in 2017—Life Threatening to the Healthcare Industry

Ransomware in 2017             Previously: “The Reality of Ransomware in 2016”

Ransomware in 2017 is even mores a sophisticated type of malware that is targeting the healthcare industry, and it isn’t going away.  Reports indicate that attacks are growing at a shocking rate and the tools used by cyber criminals are increasing in sophistication.  HHS released a fact sheet https://www.hhs.gov/sites/default/files/RansomwareFactSheet.pdf describing how HIPAA compliance helps Covered Entities and Business Associates prevent or recover from a ransomware attack.  In the fact sheet, a recent interagency report https://www.justice.gov/criminal-ccips/file/872771/download conducted by the U.S. Government indicates that on average, there have been 4,000 daily ransomware attacks since early 2016. That’s a 300% increase over the 1,000 daily ransomware attacks reported in 2015. The newly released Verizon 2017 Data Breach Investigations Report http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/#report states that “ransomware accounts for 72% of malware incidents in the healthcare industry; SEVENTY-TWO PERCENT!!!

Health industry professionals at all levels should understand the nature of ransomware and its potential risks to their organizations. In the event of an attack, this understanding will be key to determining the appropriate response. Ransomware is dangerous to an individual but can be life threatening to a healthcare organization.

Ransomware was a hot topic at the 2017 HIMSS Annual Conference & Exhibition.

HIMSS 2017

Ransomware attempts to deny access to user’s data by encrypting the data with a key only known by the attacker. After the user’s data is encrypted, the ransomware directs the user to pay the ransom to the attacker in order to receive the decryption key.  We discuss in our article “Watch for Dangerous Ransomware in Attachments and Links”   in March of 2016, receiving a working key, or any key at all in exchange for a paid ransom is not a guarantee that you will be able to recover your data.

Maintaining HIPAA compliance helps covered entities and business associates prevent infections of ransomware by requiring the implementation of strong information security procedures. Recent guidance for healthcare companies focuses on the growing threat of ransomware and stresses the continued need for effective education, regular backups, and strong encryption, as a ransomware attack against plain-text health information is a considered a breach that must be disclosed.

What are the most common methods used by cyber-criminals?

  • Spam emails that contain malicious attachments or links
  • SMS messages targeting mobile devices
  • Drive-by downloads
  • The spreading from one infected computer to another

 Steps you can take for added security:

  • Have two forms of backup for important data
  • Make sure your organization is staying up to date on HIPAA guidance and compliance requirements
  • Remove or update outdated plugins and add-ons from your browsers
  • Never open spam emails
  • Never download attachments or click links from unexpected emails or suspicious or unknown senders
  • Never pay a ransomware ransom
  • Report all breaches immediately

How can Loricca help your organization?

Loricca offers information security risk analysis (SRA) services and solutions; e-discovery, disaster recovery, business continuity, and security risk management—we’re here to help your organization safeguard confidential and critical business sensitive data.

We have had the privilege of providing services to a multitude of clients in the healthcare industry.  Loricca is focused on providing customized solutions designed to achieve compliance utilizing the latest government standards that enhance the overall security posture of our clients in the most efficient way possible.

Visit http://loricca.com/risk-assessment for more information about our HIPAA Security Risk Assessment services and how we can help protect your organization from a ransomware attack.