Eight ransomware prevention strategies for healthcare providers
February 22, 2021
By Shridar Subramanian
While cybercriminals promised to stop ransomware attacks on healthcare organizations during the pandemic, it never really happened. According to Health IT Security, the U.S. healthcare sector was the most targeted globally in Q3 2020, with attacks doubling year-over-year. And the costs are measured in millions of dollars and increased risks to priceless patient privacy (and your reputation).
With cyber-attacks continuing to evolve and proliferate, healthcare providers need to look at how they can prevent their organization from suffering the damages that result from ransomware. The following are some ransomware prevention strategies that healthcare providers should consider to keep both company and patient data safe.
1. Filter inbound emails
There are lots of choices for email filtering solutions that can serve as your first line of defense. Healthcare providers should look for software or filtering services that proactively scan and block spam, virus, and other threats in real-time before they can wreak havoc. Some use artificial intelligence (AI) to keep up with new threats and adapt defenses, while others use a Bayesian filter to detect and block personalized spam emails. It’s also worth choosing a solution that is easy to manage via a web browser, with customizable settings.
2. Keep firmware up to date
Software patches are frequently driven by newly discovered vulnerabilities. Healthcare organizations need to establish a regular assessment plan to confirm that all their critical applications, databases, and servers run the latest firmware. And immediately patch any that aren’t.
3. Evaluate security systems and firewalls
With more and more remotely connected devices—including IoT devices that present new potential vulnerabilities—healthcare organizations need to ensure that their endpoint security systems and firewalls work as expected. They also need to make sure that these protections are sufficient to keep their data secure, compliant, and available at all times. For organizations with remote workers, it’s more important than ever that these users connect to your network via a secure virtual private network (VPN). Along the same lines, they need to ensure all patient records and patient processing systems are protected by encrypting all their data—both at rest and in transit.
4. Train people
Cybersecurity education should be a core element of an overall data protection strategy. Team members must be trained so they can spot suspicious emails, attachments, or SMS attacks. They need to be educated and tested on social engineering attacks to understand that they should never click on a link or download an attachment unless they are 100% sure it is from a known sender. And they should have a general understanding of best practices for protecting devices and data.
5. Take regular backups
The best way to mitigate the fallout from a ransomware attack is to be prepared. That means backing up data frequently and replicating copies both to an offsite location and the cloud. Organizations will need to establish their recovery point objective (RPO) and recovery time objective (RTO) and ensure their backup solution can meet them. They should also look for a backup solution that takes regular, immutable snapshots that can’t be deleted or altered, preventing crypto-ransomware encryption. That way, organizations know their backed-up data is always safe, accessible, and recoverable.
6. Count on the cloud
Cloud storage gives organizations fast access to offsite data and is one of the pillars of a sound backup strategy. Cloud storage can also be less expensive than on-premises storage while adding an additional layer of protection. And, while even cloud-based data can be infected with ransomware that’s uploaded with a backup, sound backup practices—see #5 above—can overcome just about any attack.
7. Don’t pay the ransom
While an attack will cause major problems, we recommend that organizations never pay a ransom. Cybercriminals often don’t give access even if companies do pay. It’s worth considering getting ransomware insurance to help mitigate the damage.
8. Be proactive
While all these strategies are important for protecting against ransomware, organizations may still fall victim to a successful attack. That’s where planning makes the difference. With the right hardware, software, and best practices in place, they can recover quickly with minimal damage done. We suggest it’s time for every healthcare organization to get a serious security-health check-up that ensures they have a healthy security posture that can withstand even the most sophisticated ransomware attacks.
About the author: Shridar Subramanian is the chief medical officer at StorageCraft.