10 Mar 2016
Hollywood Presbyterian Medical Center is the latest medical facility to be attacked by cyber-criminals – this time, by a type of malware known as ransomware. For an entire week, the malicious code took down the hospital’s network. While certain departments were able to function offline, other patients were relocated to nearby hospitals. Identified by the FBI as one of the most prevalent cyber-threats, ransomware encrypts files, locking out an organization’s access until they pay a ransom in exchange for the decryption key. Ultimately, to restore access, HPMC paid a ransom of 40 Bitcoins, or $17,000. With the proliferation of electronic medical records and the reliance healthcare organizations place on email, document management, and other computer-related functions, a similar attack would decimate any facility that was ill-prepared to weather such a digital storm. So how can you protect your own network against such threats? It’s best to be proactive, rather than reactive, in these cases. A breach protocol is all well and good, but by that time, the damage has been done. Setting tools in place ahead of time to detect and attack malware is an essential step to mitigating threats. Upgrade to the latest OS – and regularly update: Hospital IT must ensure all systems that can be are updated to the latest versions, and that regular security updates are run to apply patches designed to protect against the newest threats. Train staff to identify threats: Around the same time as the HPMC attack, Lukas Hospital in Neuss, North Rhine-Westphalia in Germany suffered a similar situation when an employee opened an attachment from a questionable email. These types of entry points are all too common, and, unfortunately, quite effective. Adequately train and update staff on what to look for and what to do is an essential first line of defense. Back up frequently: With a regular backups, ransomware is rendered moot. There’s no need to pay a ransom to obtain data that’s redundantly stored elsewhere. Monitor, detect, obliterate: There was a time when antivirus software fit the bill, but as security becomes more sophisticated, so, too, do attackers’ methods. Often, malware comes in long before an actual breach or attack happens, infiltrating the system insidiously and using new methods of intrusion. With a tool such as Proactive Compromise Detection that monitors the live memory, disk files, network traffic and behavioral analysis of running and idle application code, hospitals can eradicate a threat in real time. And with continual updates to detect Trojans, viruses, keyloggers, and more, along with an expert monitoring team, a third-party security tool reduces the IT burden and associated cost on organizations that would otherwise need to implement a monitoring program of their own. Unlike HPMC, many attacked organizations do not speak out, instead quietly paying the ransom and restoring operations without a word. Don’t be the next hospital in the news for a security breach. Set up your system and protocols to continually monitor and detect threats as they arise – before they can do any damage.