Ransomware
Ransomware is a type of malicious software (malware) that systematically encrypts files accessible to the user. The malware then demands a ransom, frequently payable in Bitcoin, in exchange for the encryption key to decrypt the files. While ransomware is not new, during 2016, there was a dramatic increase in the number of attacks against healthcare organizations. In the spring of 2016, the FBI issued an alert and requested that organizations do not pay ransomware demands. Eagle Consulting Partners recommends multiple security controls to prevent these attacks including employee security awareness training, web filtering technology, a robust patching program and others. Critical controls to mitigate this exploit should it occur are robust incident response capability, isolated and redundant data backup and data recovery capability.
Preventing and Mitigating Ransomware Attacks
Recently, entire hospital networks have been shut down for time periods between 3 days and 3 weeks due to ransomware attacks. What can be done? Fortunately, there are established best practices which can prevent one of these attacks in the first place, or reduce the impact if a network is infected. We have some advice for you.
Read More
2016: Hospitals targeted with Ransomware, patients harmed, losses incurred
Ransomware attacks are rampant throughout the healthcare industry, affecting a high percentage of organizations.
After a healthcare provider becomes a victim of ransomware, the response is typical – these organizations recognize that attacks could occur again, with impacts even more severe, and invest both in safeguards to prevent future attacks and protections to mitigate the impact should they occur.
Locky Ransomware Targets Healthcare organizations
Research shows that a massive spam campaign with “locky ransomware” has been targeting healthcare organizations. We review malware and countermeasures.
Read More
