Ransomware may well have taken the crown as THE crime to beat in 2016, with record growth and profits for criminals. The healthcare industry is a particularly attractive target, because hospital systems are often vulnerable and the critical nature of patient data means they are more likely to pay out than risk being locked out of their files. While payments used to start around $50, the average payout is now $679, with $209 million paid out in Q1 of 2016 alone. In Q3, Kaspersky Lab reported more than 170 million malicious attacks from all over the world, meaning this threat isn’t going away anytime soon.
What can you do to protect yourself from this major and ongoing threat? Below are seven tips to get you started.
- Run a strong antivirus program: Most programs scan for viruses in attachments, which is how most ransomware is spread. Having a strong AV means you get alerts when something suspicious might be trying to get into your systems. Of course, AV should be only one component of your network security strategy, alongside firewalls and two-factor authentication. There are strains of ransomware that evade detection by AV programs, so it’s important to have other means of defense as well.
- Disable macros in your Office programs: Malware of all shapes and sizes hides in macros, and it’s best to disable them entirely. Talk to your sys admin about disabling macros across your organization.
- Update your plugins: Criminals regularly take advantage of zero-day vulnerabilities in Java and Adobe Flash, so when the vendors issue updates, be sure to stay on top of them. If you don’t need Java or Flash to run your business, consider disabling them altogether. Malvertising is proving to be another very effective way of delivering malicious payloads to victims, often without their knowing it. These payloads are typically delivered via exploit kits that abuse vulnerabilities in Java or Flash.
- Never run executables in email attachments. Ever. Ever ever. If there’s one basic security policy to follow, this is it.
- Back up your files and have more than one copy: Follow the 3-2-1 rule: three copies of your data, on two different media, with one copy offsite. Many strains of ransomware look for network backups and encrypt them to prevent victims from restoring their files. A copy stored offsite protects the integrity of your data. To that end, it’s also important to review your current backup strategy: how easy is it to restore your files in an emergency?
- Have a strong disaster recovery strategy in place: If you need to shut down your network, and therefore your primary patient portal, how quickly can you spin up your recovery site? Ransomware hits healthcare because criminals know how critical the data is, and know that hospitals and healthcare insurers are more likely to pay out to get their systems back. With a strong backup and recovery system, you can thwart the malware and restore your data with minimal loss.
- Question everything: Emails that ask you to download invoices, enter information into a spreadsheet, or send back personal information are almost guaranteed to be phishing emails that not only try to suck information from you but install ransomware as well. According to Barkly, email is the No. 1 delivery method for ransomware and accounted for 59% of all attacks against healthcare in 2016. It’s not rude to double check with a purported sender that they really do need the information they’re requesting. Building a culture of security in the workplace goes a long way towards protecting an organization—after all, there’s only so much technology can do before humans start interacting with it.
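The attachment and macro advice above (strong AV on attachments, disabling macros, never running executables from email) can be enforced at the mail gateway instead of being left to each user. The following Python is an added example, not code from the original post: it classifies attachment filenames into block, quarantine or allow, catching double extensions such as "invoice.pdf.exe", macro-enabled Office formats, archives that may hide a blocked type, and trailing dots that Windows silently drops when resolving the real extension. The extension lists and the sample filenames are constructed for the demonstration and are not exhaustive.

```python
import os

# Constructed list of types that should never arrive as a mail attachment.
BLOCKED_EXTENSIONS = {
    "exe", "scr", "com", "pif", "bat", "cmd", "ps1", "vbs", "js", "jse",
    "wsf", "hta", "jar", "msi", "lnk",
}

# Macro-enabled Office formats: not executables, but they carry VBA that
# runs on open unless macros are disabled organisation-wide.
MACRO_EXTENSIONS = {"docm", "xlsm", "pptm", "dotm", "xltm"}

# Archives deserve a second look: a blocked type inside a zip still lands
# on the user's desktop.
ARCHIVE_EXTENSIONS = {"zip", "rar", "7z", "iso"}


def _all_extensions(filename: str) -> list[str]:
    """Return every dotted suffix, lower-cased, so 'invoice.pdf.exe'
    yields ['pdf', 'exe']. Trailing dots and spaces are stripped first,
    because Windows discards them when it resolves the real extension."""
    base = os.path.basename(filename).rstrip(". ").lower()
    parts = base.split(".")
    return parts[1:] if len(parts) > 1 else []


def classify_attachment(filename: str) -> str:
    """Return 'block', 'quarantine' or 'allow' for one attachment name."""
    exts = _all_extensions(filename)
    if not exts:
        return "quarantine"          # no extension at all: let a human look
    final = exts[-1]
    if final in BLOCKED_EXTENSIONS:
        return "block"
    if final in MACRO_EXTENSIONS or final in ARCHIVE_EXTENSIONS:
        return "quarantine"
    # 'scan.exe.pdf' style lures: a dangerous type anywhere in the chain
    # is suspicious even when the last extension looks harmless.
    if any(e in BLOCKED_EXTENSIONS or e in MACRO_EXTENSIONS for e in exts[:-1]):
        return "quarantine"
    return "allow"


def screen_attachments(names: list[str]) -> dict[str, str]:
    """Map each attachment name in a message to its verdict."""
    return {name: classify_attachment(name) for name in names}


# Constructed filenames for the demonstration.
SAMPLE_ATTACHMENTS = [
    "invoice.pdf.exe", "Q3_report.docx", "payroll.XLSM", "scan.exe.pdf",
    "setup.exe.", "README", "notes.txt", "archive.zip",
]

if __name__ == "__main__":
    for name, verdict in screen_attachments(SAMPLE_ATTACHMENTS).items():
        print(f"{verdict:10} {name}")
```

A gateway that quarantines rather than silently drops keeps the "question everything" habit alive: the recipient still hears that a purported invoice arrived and can confirm with the sender before anyone releases it.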
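The backup and recovery tips (the 3-2-1 rule, ransomware that encrypts reachable network backups, and the question of how easily files can actually be restored) come down to one check: can you prove a copy is intact before you rely on it? The following Python is an added example, not code from the original post. It builds a SHA-256 manifest of the primary data, stores the manifest with the offsite copy where a compromised share cannot rewrite it, reports which files on the online backup no longer match, and restores only files that still verify. The directory layout, file names and contents are constructed for the demonstration.

```python
import hashlib
import json
import os
import shutil
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large backups do not need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 16), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict[str, str]:
    """Map each file path (relative to root, POSIX style) to its SHA-256."""
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def verify_copy(copy_root: Path, manifest: dict[str, str]) -> list[str]:
    """Return manifest entries that are missing or whose contents changed.
    A ransomware pass over a reachable backup share shows up here."""
    damaged = []
    for rel, expected in manifest.items():
        candidate = copy_root / rel
        if not candidate.is_file() or sha256_file(candidate) != expected:
            damaged.append(rel)
    return damaged


def restore(copy_root: Path, manifest: dict[str, str], dest: Path) -> int:
    """Copy only files that still match the manifest; return how many."""
    restored = 0
    for rel, expected in manifest.items():
        src = copy_root / rel
        if src.is_file() and sha256_file(src) == expected:
            target = dest / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(src, target)
            restored += 1
    return restored


def demo() -> tuple[list[str], list[str], int]:
    """Constructed scenario: primary data, an online copy that gets
    overwritten, and an offsite copy that does not. Returns the damaged
    files on each copy and the number of files restored from offsite."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        primary = base / "primary"
        (primary / "records").mkdir(parents=True)
        (primary / "records" / "patient_01.txt").write_text("constructed record 1\n")
        (primary / "records" / "patient_02.txt").write_text("constructed record 2\n")
        (primary / "schedule.csv").write_text("date,room\n2016-10-01,3\n")

        manifest = build_manifest(primary)
        online = base / "online_backup"     # reachable from the network
        offsite = base / "offsite_backup"   # the "1" in 3-2-1
        shutil.copytree(primary, online)
        shutil.copytree(primary, offsite)
        # Keep the manifest with the offsite copy, out of reach of the share.
        (offsite / "MANIFEST.json").write_text(json.dumps(manifest))

        # Simulate the online backup being encrypted in place.
        (online / "records" / "patient_01.txt").write_bytes(os.urandom(64))

        stored = json.loads((offsite / "MANIFEST.json").read_text())
        damaged_online = verify_copy(online, stored)
        damaged_offsite = verify_copy(offsite, stored)
        restored = restore(offsite, stored, base / "restored")
        return damaged_online, damaged_offsite, restored


if __name__ == "__main__":
    print(demo())
```

Running the verification on a schedule, and timing a full restore from the offsite copy, answers the "how easy is it to restore" question before an incident rather than during one.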
Ransomware has exploded onto the scene and was a billion dollar crime in 2016. This year is sure to be just as bad, if not worse. But if you follow the above tips, you can protect your organization now before you’re locked out of your files.