
White House & CISA Offer Ransomware Guidance

By: Tristan Schleining | June 17th, 2021

Here we are. Talking about ransomware. Again. And the truth is, whether we are tired of talking about it or not, the current ransomware situation (especially for those in healthcare) is only getting worse as this year goes on. Simply put—things are bad. How bad? Well… bad enough for the FBI director to compare the current nationwide surge in ransomware attacks in the U.S. to the September 11th attacks of 2001. You have to admit, that’s a pretty extreme comparison. However, it’s not too far off. As we’ve seen already with the recent Colonial Pipeline attack, ransomware has the potential to bring parts of our country’s infrastructure to a grinding halt and disrupt commerce, similar to the results of a physical terrorist attack.

In response to this, the White House as well as the Cybersecurity & Infrastructure Security Agency (CISA) have recently released new guidance for how businesses (including medical practices) can protect themselves from ransomware attacks. In this blog, we will examine the main points of both sets of guidance and provide resource links for each.

White House Says All Businesses Should Do These Six Things

In the face of an unprecedented number of devastatingly successful ransomware attacks, the White House is urging all businesses to take the following six steps to protect themselves:

  1. Implement the following best practices to reduce the likelihood of a cyberattack: multifactor authentication, endpoint detection and response, encryption, and a skilled cybersecurity team.
  2. Back up your practice’s data, system images and configurations. Test those backups regularly and keep a copy offline, not hosted on the business’s onsite network (meaning practices should leverage cloud storage), so that attackers cannot encrypt the backup files along with production systems. This allows your practice to restore systems quickly after a ransomware attack.
  3. Patch and update systems promptly. Maintain the security of operating systems, applications and firmware in a timely manner (this means updating your technology frequently). Consider using a centralized management system and a risk-based assessment strategy to steer the patch management system.
  4. Test your incident response plan to identify any gaps. For example, can your business operate without access to certain systems? Will you need to cancel appointments if your billing systems are forced offline?
  5. Bring in a third-party expert for testing. Hire a third-party vendor to test the security of your systems and how well (or how poorly) they hold up against a sophisticated cyberattack.
  6. Segment your networks. Keep operations segmented so that other operations can continue working if one segment is crippled by an attack. Limit internet access to operational networks. Regularly test that your practice can still function if one segment is down.

CISA’s Ransomware Threat Fact Sheet

Earlier this month, the Cybersecurity & Infrastructure Security Agency (CISA) published a fact sheet for critical infrastructure owners and operators detailing the rising threat of ransomware to operational technology (OT) assets and control systems. The guidance in this document covers the following:

  • Steps to prepare for, mitigate against and respond to attacks
  • How the dependencies between an entity’s IT and OT systems can provide a path for attackers
  • How to reduce the risk of severe business degradation if affected by ransomware

We recommend that readers go to the fact sheet using the provided link for full details on this new CISA guidance.

As Always, Stay Vigilant

While the above guidance is helpful, maintaining a staff that is well-trained in identifying cyberattack methods (especially those using email) while remaining vigilant and skeptical will always be your practice’s strongest weapon. For a refresher course on various security threats and methods for identifying and avoiding them, check out our blog’s many articles on Security & Data Management.

To learn how Nextech can help your practice implement an integrated, secure, cloud-based EHR and PM system that minimizes cybersecurity risks, simply fill out this form and a member of our team will be in touch soon!