How to Keep Your Practice Safe from Ransomware Attacks
Ransomware is no foreign topic in the healthcare industry. It shouldn’t be.
According to a report by
Tenable, the rise in ransomware attacks led to the overall spike in healthcare data breaches. In the year 2020, a whopping 55 percent of healthcare data breaches were caused by ransomware attacks.
Things are even more alarming in 2021. Hacking and IT incidents—which include ransomware attacks—accounted for 68 percent of all reported healthcare data breaches.
In September 2021 alone, the Department of Health and Human Services (HHS) received reports of data breaches that compromised the protected health information of 1,206,799 people in the United States.
| Read more: The Biggest HIPAA Breaches of 2021 So Far
The pervasiveness of ransomware in the healthcare industry puts lives at risk, and
not having ransomware protection can be disastrous for your patients and practice.
Every healthcare practice needs to properly equip itself with the tools and training to stop a ransomware attack in its tracks.
Keep Ransomware Attacks Out
A ransomware attack’s success (or failure) depends on two factors: human and technological.
A
study published by the Association for Computing Machinery states, “The most security-conscious users are susceptible to unknown vulnerabilities, and even the best security mechanisms can be circumvented as a result of user actions.”
Here are a few tips from cybersecurity experts that you and your clinic staff can implement to reduce the risk of ransomware attacks in both the human and the technological aspects.
How Your Practice Can Address the Human Factor
In a mini-symposium organized by the Cybersecurity and Infrastructure Agency (CISA) last month, one of the speakers, Certified Chief Information Security Officer Perry Carpenter, pointed out that there is a constant meteoric rise in spending on IT and cybersecurity, but data breaches still seem to be outpacing them.
“So clearly we are missing something,” commented Carpenter. “I would say that the thing that we’re missing is the human layer.”
The human factor in a cybersecurity risk is often referred to as an insider threat—a deliberate or accidental security risk that originates from within an organization. According to an IBM
study, human error accounts for 95% of data breaches.
To form an effective line of defense on the human side of the issue, Carpenter offers the following advice:
1. Build an effective cybersecurity awareness program.
Focus on shaping behaviors to foster a culture that values security. In time, you should be able to achieve a company culture that has cybersecurity woven through it. Invest in regular cybersecurity awareness training for your organization.
2. Build a robust vulnerability management process.
You should have a clear process in place that your IT team can refer to when identifying, evaluating, treating, and reporting security vulnerabilities in your systems. If you don’t have a dedicated IT team for your practice, you can partner with a managed IT service provider.
3. Predetermine your guidelines for negotiation.
This is especially relevant in ransomware cases involving healthcare facilities where lives could be at stake. It’s easy to say you’ll never pay ransom, but it’s a different story when your clinic has been down for a week or when a hospital is unable to treat patients.
Think through what your position and policy are ahead of time so you won’t have to deal with them as you go through the urgency and emotions of a ransomware attack.
4. Ensure the integrity of your backup and recovery processes.
There have been countless times when an organization was hit by a ransomware attack and they tried to restore their backup data but later found it to be corrupted—they ended up with lost time, lost data, and crippled operations. So test and verify your backup and disaster recovery plan, and be extremely intentional about ensuring that it works.
How Your Practice Can Address the Technological Factor
Thanks to modern technological innovations, your organization now has access to countless tools that are specifically designed for cybersecurity protection. Among these tools are firewalls.
In simple terms, a firewall is a system that is designed to prevent unauthorized access from entering your private network.
|
Read more:
What is a Firewall and Does My Practice Need One?
According to cybersecurity company
Sophos, modern firewalls are highly effective at defending networks against ransomware attacks, however, they need to be given the chance to do their job. This means you (or your IT staff) need to configure your firewall and network to give you the best protection possible.
Sophos offers the following best practices for firewall and network configuration—you may want to show your IT team these:
1. Ensure you have the best protection.
This includes a modern high-performance next-gen firewall with an intrusion prevention system (IPS), transport layer security (TLS) Inspection, zero-day sandboxing, and machine learning ransomware protection.
2. Lock down the RDP and other services with your firewall.
Your firewall should be able to restrict access to VPN users and whitelist sanctioned IP addresses. If you’re looking for firewall options, contact a reliable MSP for trusted recommendations.
3. Reduce the surface area of attack as much as possible.
Every open port represents a potential opening in your network, so you should eliminate any non-essential open ports by thoroughly reviewing and revisiting all port-forwarding rules. Where possible, use VPN to access resources on the internal network from outside rather than port-forwarding.
4. Properly secure any open ports.
You can do this by applying suitable IPS protection to the rules governing that traffic.
5. Enable TLS inspection.
Ideally, get one with support for the latest TLS 1.3 standards on web traffic. This ensures that threats do not enter your network through encrypted traffic flows.
6. Segment local area networks (LANs) into smaller isolated zones.
Ensure that the zones are secured and connected together by your firewall. This minimizes the risk of lateral movement within the network.
Also make sure you apply suitable IPS policies to the rules governing the traffic that traverse these LAN segments to prevent exploits, worms, and bots from spreading from one LAN segment to the next.
7. Automatically isolate infected systems.
When a ransomware infection hits you, your cybersecurity solution should be able to quickly identify compromised systems and automatically isolate them until they can be cleaned up. If you’re not sure your current tool can do that, contact trusted healthcare IT experts for recommendations and advice.
8. Use strong passwords and multi-factor authentication (MFA).
MFA is especially important for your remote management and file-sharing tools so that they’re not easily compromised by brute-force hacking tools.
Protect Your Practice on All Fronts
Ensuring that your healthcare practice is safe from ransomware attacks is a big task. Not only are you going against cybercriminals who persistently find ways to infiltrate your network, but you also have to deal with potential loopholes in your technology and possible slip-ups by your team.
You play a crucial role in the healthcare industry, so you can’t afford to let any threat into your IT network. And to be honest, the most basic versions of cybersecurity tools just aren’t enough to give your clinic data the protection you need.
You need robust
technology to protect your practice, regular cybersecurity awareness
training for your staff, and round-the-clock IT
support to make sure everything is in place.
We offer these (and more!) here at
ER Tech Pros. Reach out to us to get a free IT assessment and to know what your options are.
Search Articles
Healthcare & Tech Articles
ER Tech Pros is a managed service provider (MSP) that specializes in catering to the IT needs of businesses across the globe. We have offices in Sacramento and the Greater Fresno area.
We use our cutting-edge technology, extensive experience, and global team of technology experts to ensure your IT network is in its most secure and optimal state.
We focus on your IT so you can focus on growing your company.
8795 Folsom Blvd, Ste 205
Sacramento, CA 95826
1501 Howard Rd, Ste 2
Madera, CA 93637
(855) ER-TECH-1 / (855) 378-3241
info@ertech.io
Resources
Search this Site
Get Updates
Enter your email address below to receive tech tips and resources from ER Tech Pros.
Connect With Us