Slideshow: Tips for Preventing a Ransomware Attack

Ransomware attacks—where hackers install malware that locks access to certain organization computer systems—have been in the news recently, with an incident at Hollywood Presbyterian Medical Center, in California, getting the most attention. Privacy and security consultant Tom Walsh, CISSP, founder and managing partner of tw-Security, works with healthcare providers to prevent and respond to ransomware attacks. He recently shared his best advice with the Journal of AHIMA.

phisherman_1

Human foibles are the root cause of ransomware, making workforce training the most important prevention tool. Workers should be taught to look for “phishing” attempts, and to avoid clicking on links embedded in e-mails.

BYOD_2

Providers should make employees use a “guest” wireless network for web surfing and checking personal e-mail at work; encourage them to use their own devices for this. Using corporate devices opens the door to hackers.

Warning_3

If you are struck by ransomware, you’ll probably get a message like this. The first thing IT should do is isolate the first computer this message is found on from the network. Then, they should isolate the whole department from the network. The first 48 hours after an attack are critical. If panic sets in, employees may forget important recovery operations.

PayRansom_4

Pay the ransom. It might seem counterintuitive, but experts advise healthcare clients to do it. Hackers frequently under value the records and information they’re holding hostage. The Federal Bureau of Investigation says that paying the ransom can help them “follow the money trail,” even if the money trail is paid in Bitcoin.

CrimeScene_5

Ransomware can go undetected for awhile, with a ransom request appearing several days after its encryption has affected files. Therefore, it pays to implement a data backup plan with a longer retention schedule. Employees should also store work-related data on a network drive rather than a hard drive.

Shadow_6

The people behind ransomware attacks are usually professionals working with highly organized, sophisticated operations such as Russian crime syndicates. Underestimate their capabilities at your own risk.

 

Mary Butler is the associate editor at The Journal of AHIMA.

Submit a Comment

Your email address will not be published. Required fields are marked *