Shridar Subramanian, CMO at Arcserve
While cybercriminals promised to stop ransomware attacks on healthcare organizations during the pandemic, it never really happened. According to the Ponemon Institute report, healthcare continued to incur the highest average breach costs at $7.13 million in 2020 – a 10% increase from the previous year for the tenth year in a row. As per CyberPeace Foundation, more than 7 million attacks were recorded between October 1 and November 25 on the healthcare sector in India. And the damages here are measured in millions of dollars and increased risks to priceless patient privacy (and your reputation).
With cyber-attacks continuing to evolve and increase, healthcare providers need to look at how they can prevent their organization from suffering the damages that result from ransomware. The following are some ransomware prevention strategies that healthcare providers should consider to keep both company and patient data safe.
- Filter Inbound Emails: There are lots of choices for email filtering solutions that can serve as your first line of defense. Healthcare providers should look for software or filtering services that proactively scan and block spam, virus, and other threats in real-time before they can wreak havoc. Some use artificial intelligence (AI) to keep up with new threats and adapt defenses, while others use a Bayesian filter to detect and block personalized spam emails. It’s also worth choosing a solution that is easy to manage via a web browser with customizable settings.
- Keep Firmware Up to Date: Newly discovered vulnerabilities frequently drive software patches. Healthcare organizations need to establish a regular assessment plan to confirm that all their critical applications, databases, and servers run the latest firmware. And immediately patch any that aren’t.
- Evaluate Security Systems and Firewalls: With more and more remotely connected devices-including IoT devices that present new potential vulnerabilities-healthcare organizations need to ensure that their endpoint security systems and firewalls work as expected. They also need to make sure that these protections are sufficient to keep their data secure, compliant, and available at all times. For organizations with remote workers, it’s more important than ever that these users connect to your network via a secure virtual private network (VPN). Along the same lines, they need to ensure all patient records and patient processing systems are protected by encrypting all their data-both at rest and in transit.
- Train People: Cybersecurity education should be a core element of an overall data protection strategy. Team members must be trained so they can spot suspicious emails, attachments, or SMS attacks. They need to be educated and tested on social engineering attacks to understand that they should never click on a link or download an attachment unless they are 100% sure it is from a known sender. And they should have a general understanding of best practices for protecting devices and data.
- Take Regular Backups: The best way to mitigate the fallout from a ransomware attack is to be prepared. That means backing up data frequently and replicating copies both to an offsite location and the cloud. Organizations will need to establish their recovery point objective (RPO) and recovery time objective (RTO) and ensure their backup solution can meet them. They should also look for a backup solution that takes regular, immutable snapshots that can’t be deleted or altered, preventing crypto-ransomware encryption. That way, organizations know their backed-up data is always safe, accessible, and recoverable.
- Count on The Cloud: Cloud storage gives organizations fast access to offsite data and is one of the pillars of a sound backup strategy. Cloud storage can also be less expensive than on-premises storage while adding a layer of protection. And, while even cloud-based data can be infected with ransomware that’s uploaded with a backup, sound backup practices-see #5 above-can overcome just about any attack.
- Don’t Pay the Ransom: While an attack will cause significant problems, we recommend that organizations never pay a ransom. Cybercriminals often don’t give access even if companies do pay. It’s worth considering getting ransomware insurance to help mitigate the damage.
- Be Proactive: Though all above strategies are essential for protecting against ransomware, organizations may still fall victim to a successful attack. That’s where planning makes the difference. With the right hardware, software, and best practices in place, they can recover quickly with minimal damage done. We suggest it’s time for every healthcare organization to get a severe security-health check-up that ensures they have a healthy security posture that can withstand even the most sophisticated ransomware attacks.