Healthcare & Ransomware
By Art Gross, President and CEO, HIPAA Secure Now!
Twitter: @HIPAASecureNow
As healthcare continues to be a prime target for cybercriminals, understanding what is happening as an employee is equally, if not more, important than just being aware of the risk. Having insight into how the attack can play out will help you understand the threat and the outcome if a hack occurs.
Ransomware is one of the ways a cybercriminal will attack a business. The name indicates clearly what happens: software is deployed that holds your network and data hostage until you pay the indicated ransom amount. The payment, which on average is just over $760,000, is only part of the total cost of recovering from an attack. Payment is almost always made in cryptocurrency, which makes tracing close to impossible. The malware, or software that is deployed, works by encrypting the victim’s files and making them inaccessible. It usually arrives via a malicious link contained in a phishing email. Be aware that paying the ransom does NOT guarantee that your systems will be released, or that malicious files will not remain on your network; for this reason, the federal government and cybersecurity experts often advise against paying the requested ransom.
According to a recent report, at least one in three healthcare businesses will be hit with a cyberattack. The same report indicates that only 69% of those businesses got their data back after paying the ransom.
How Does It Happen?
There can be multiple ways that a hacker will deploy ransomware, but it takes HUMAN ERROR to make it work (for them!).
Some of the most common ways are:
- Users receive emails that are disguised as legitimate but contain fraudulent content. This may be done by disguising the sender or the content of the email.
- Users click on dangerous or malicious links.
- Users view an advertisement that contains malware – which is known as malvertising.
How Can You Help?
Pause before clicking. If your boss, a co-worker, or a person of authority asks you to do something like transfer funds, buy gifts, or click on a link, take a moment to verify that the request really came from them. This can be done via a quick phone call or internal message, or by creating a whole new email (don’t reply to the original email) asking them whether the request is genuine. They will be thankful that you questioned and double-checked before doing something that could be detrimental to the business. Hackers are clever at disguising names by eliminating one letter, or at creating a link that looks real but actually masks a dangerous site.
Don’t click on advertisements. If you see something of interest, look the site up via a search engine first. This isn’t a fail-safe option, but it adds another layer of verification.
And finally, never assume that because something looks legitimate, it is, especially when you are asked to click on a link or log in with your credentials. Going to the site directly in a new browser window is always worth the extra step to verify that you are not clicking on a dangerous link.
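The two disguises described above (a sender domain with one letter removed, and link text that masks a different destination) can also be checked mechanically, for example in a mail gateway or by a help desk reviewing a suspicious message. The following Python script is an added example, not code from HIPAA Secure Now!; the trusted domain list, the sender address and the links are constructed samples.

```python
# Trusted domains this (hypothetical) practice really uses; anything one letter away is a lookalike.
TRUSTED_DOMAINS = {"example-health.com", "hipaasecurenow.com"}


def edit_distance(a, b):
    """Levenshtein distance: one dropped, added or swapped letter gives 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def host_of(url_or_text):
    """Return the lowercase host a URL really points to (scheme, path, user@ and port removed)."""
    s = url_or_text.strip().lower()
    s = s.split("://", 1)[-1]                    # drop scheme if present
    s = s.split("/", 1)[0].split("?", 1)[0]      # drop path and query
    s = s.rsplit("@", 1)[-1]                     # drop "trusted.com@" userinfo tricks
    return s.split(":", 1)[0]                    # drop port


def lookalike_of(domain, trusted=TRUSTED_DOMAINS):
    """Return the trusted domain this one imitates (edit distance 1), or None."""
    d = domain.lower()
    if d in trusted:
        return None
    for t in trusted:
        if edit_distance(d, t) == 1:
            return t
    return None


def review_email(sender, links):
    """Flag a lookalike sender domain and links whose visible text names a different host than the real href."""
    findings = []
    sender_domain = sender.rsplit("@", 1)[-1].lower()
    imitated = lookalike_of(sender_domain)
    if imitated:
        findings.append(f"sender domain {sender_domain} looks like {imitated}")
    for text, href in links:
        shown, real = host_of(text), host_of(href)
        if "." in shown and shown != real:        # text looks like a URL but the target differs
            findings.append(f"link text shows {shown} but points to {real}")
        elif lookalike_of(real):
            findings.append(f"link target {real} looks like {lookalike_of(real)}")
    return findings


# Constructed sample: sender domain missing one letter, link text masking a different host.
SAMPLE_SENDER = "ceo@example-helth.com"
SAMPLE_LINKS = [("https://example-health.com/portal", "https://login.example-health.com.attacker.test/portal"),
                ("Open the invoice", "https://example-health.com/invoices/42")]

if __name__ == "__main__":
    for finding in review_email(SAMPLE_SENDER, SAMPLE_LINKS):
        print("WARNING:", finding)
```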
As with most things, being in a hurry leaves room for error. We know that your workday is busy and you are just trying to get through your tasks. But with cybersecurity, double-checking and pausing for even a moment is a way of taking small steps that add up to big results when it comes to protecting your business.
This article was originally published on HIPAA Secure Now! and is republished here with permission.