HBS wants clients and anyone reading this blog to understand the growing seriousness of ransomware in the workplace – particularly for healthcare entities that depend on safeguarded patient data to guide daily, life-and-death decisions.
Indeed, the problem is so severe that the U.S. Department of Homeland Security and the FBI recently (in 2016) distributed a number of press releases and even a government interagency technical guide to help people address the issue. They’re calling ransomware the “fastest growing malware threat” in the country, with a 300 percent increase in occurrences since the start of 2016. An estimated 4,000 attacks take place in the United States every day.
What is ransomware? It’s a form of malware that targets an organization’s critical data and systems for the purpose of monetary extortion. The process usually begins with the criminals getting users (like you) to inadvertently download a program. For example, if you’re visiting a website, you may see a message such as: “Your computer has been infected with a virus. Click here to resolve the issue.” In these cases, the computer hasn’t yet been infected, but clicking the link will download the ransomware onto your computer. You are then informed that your computer is locked – you’ll see a frozen, unusable screen – with all your files encrypted.
Then you’ll be asked to pay a certain amount of money – the average ransom is about $300 – within a specified time in order to regain access to your data.
Any type of organization (public or private) is vulnerable, but because they’re easier to infiltrate – with fewer safeguards in place – small businesses, schools, hospitals, and ordinary computer users are prime targets.
According to a recent article in Healthcare IT News (published May 17, 2016), healthcare organizations in particular are less protected, because they don’t generally invest as much in cyber security as do other industry sectors. The article cited a ransomware incident that occurred in February against Hollywood Presbyterian Medical Center, which led to the hospital paying hackers 40 bitcoins or about $17,000. After this incident, several other violations followed in rapid succession: Hackers struck the Los Angeles County Department of Health, Chino Valley Medical Center and its sister site Desert Valley Medical Center, Methodist Hospital in Kentucky and MedStar Health in the nation’s capital.
Since ransomware is becoming more sophisticated and attacks more prevalent, what should businesses and organizations do? The FBI suggests you invest in the following two areas:
- Prevention, both in terms of awareness training for employees and robust technical prevention controls; and
- The creation of a solid business continuity plan in the event of a ransomware attack. (This involves such actions as doing regular data backups and securing those backups, ensuring they are not connected to the computers and networks they’re backing up, so that an infection cannot reach and encrypt them as well.)
“There’s no one method or tool that will completely protect you or your organization from a ransomware attack,” says FBI Cyber Division Assistant Director James Trainor. “But contingency and remediation planning is crucial to business recovery and continuity – and these plans should be tested regularly.”
To learn about more specific actions related to prevention, read “How to Protect Your Networks from Ransomware,” a nine-page, online booklet created by the U.S. Government to help guide chief information officers and chief information security officers across the country in addressing the issue.
If you want an evaluation of your vulnerability related to ransomware, call Hungate Business Services (HBS) at 276-243-4026 or email our help desk at [email protected]. We will work with you to establish best practices and to bolster all areas of your organization’s cyber security.
If you become a victim of ransomware, you should contact your local FBI field office and report the incident to the Bureau’s Internet Crime Complaint Center.