
Securing Healthcare Data from Ransomware
Ransomware attack has been a growing threat, affecting the data of different industries. The healthcare sector is no exception. Safeguarding the hospital's system from ransomware attack is the top priority in system admin's to-do list. According to the leading IT experts, this kind of cyber attack, especially on healthcare facilities, is increasing on a daily basis.
The most commonly targeted equipment by hackers in the medical sector is devices that are connected to the networks. These medical devices are often prone to threats because they are not updated and run on an outdated OS. These devices usually have a weak security and hence will be used as a potential gateway by the hackers to break into hospitals’ main networks. The targeted medical machinery is often difficult to protect and clean up than servers and workstations. Security is often not as the top priority, while building these devices during development lifecycles. In an instance, a US hacker had breached into the remote desktop of a particular vendor. He stole millions of records and asked for the ransom in return of that information. However, if the hospital gives security an utmost importance and takes some measures associated with network security, they can certainly avoid security breach caused by a ransomware attack.
Building the Wall for Blocking Ransomware
Here are some of the important tips to protect confidential information from the attack:
• Ensure that all the medical devices and equipment are running disparately from the general network that accesses patient’s protected health information (PHI).
• While storing the backup information or any sensitive data, save it in a separate location rather than saving in the hospital's main network, so there is a lower chance that sensitive data will be affected by ransomware.
• It is wise to save the sensitive data using secured network instead of local disks to store PHI. With the help of secured network, the data can be restored quickly once a ransomware attack hits.
• Healthcare organizations can design a specific incident response strategy that helps in managing the operation when the system is attacked. According to data from Intel Security’s Advanced Threat Research Team, hospitals that were hit by ransomware are the once that a contingency plan in place and ended up paying the ransom to restore their data.
• Healthcare facilities must provide a robust training to their staff on best practices to avoid malware. Ransomware is seen infecting networks mostly when office staffs click on malicious links or open suspicious email attachments from unknown senders. Health institutions must educate staffs on how to identify email spam, and remind them to be aware and not click on it.
• In addition to that improving internal spam filters might help in blocking those attacks. Many ransomware programs are masked under a compressed .zip files and saved in uncommon file formats. Ensure that system admin has spam filters that can recognize these types of files and block them.
• Another way is to block unnecessary programs and traffic from the network. By filtering out significant traffic helps in keeping hackers away from being able to break into the systems and encrypt the hospital’s information.
• “White listing medical devices and equipment” is one of the efficient ways to fight against ransomware. White listing only allows specific programs to update or run on the tools connection, which means illegal programs cannot get executed without permission and infect.
• Keep computers and other general network devices up to date. Make sure the latest versions of these devices are running at all times.
• Finally, instead of depending on the default system settings, capitalize on advance settings to protect data and devices, which can automatically block the devices and hardware.
Check Out: CIOReview | Medium
ON THE DECK
Featured Vendors
Sunquest Information Systems Inc.: Transforming Medical Laboratories into Enterprise Strategic Pillars
Smartlink Mobile Systems: Patient/Provider Mobile Communication App Improves Quality of Care and Ensures Full Compliance with Medicare Chronic Care Management
GSI Health: Enabling Effective Population Health Management through the Marriage of Care Coordination with Analytics
HealthCare Information Management, Inc: Simplifying Healthcare Payer Operations through Claims Automation
Wipro Healthcare & Life Sciences Combining Innovation with Expertise to Redefine Healthcare Delivery
Shareable Ink: Simplified Clinical Documentation for Anesthesia, Providers, Patient Check in &Surgery Centers
EDITOR'S PICK
Essential Technology Elements Necessary To Enable...
By Leni Kaufman, VP & CIO, Newport News Shipbuilding
Comparative Data Among Physician Peers
By George Evans, CIO, Singing River Health System
Monitoring Technologies Without Human Intervention
By John Kamin, EVP and CIO, Old National Bancorp
Unlocking the Value of Connected Cars
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
Digital Innovation Giving Rise to New Capabilities
By Gregory Morrison, SVP & CIO, Cox Enterprises
Staying Connected to Organizational Priorities is Vital...
By Alberto Ruocco, CIO, American Electric Power
Comprehensible Distribution of Training and Information...
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
The Current Focus is On Comprehensive Solutions
By Sergey Cherkasov, CIO, PhosAgro
Big Data Analytics and Its Impact on the Supply Chain
By Pascal Becotte, MD-Global Supply Chain Practice for the...
Technology's Impact on Field Services
By Stephen Caulfield, Executive Director, Global Field...
Carmax, the Automobile Business with IT at the Core
By Shamim Mohammad, SVP & CIO, CarMax
The CIO's role in rethinking the scope of EPM for...
By Ronald Seymore, Managing Director, Enterprise Performance...
Driving Insurance Agent Productivity with Mobile and Big...
By Brad Bodell, SVP and CIO, CNO Financial Group, Inc.
Transformative Impact On The IT Landscape
By Jim Whitehurst, CEO, Red Hat
Get Ready for an IT Renaissance: Brought to You by Big...
By Clark Golestani, EVP and CIO, Merck
Four Initiatives Driving ECM Innovation
By Scott Craig, Vice President of Product Marketing, Lexmark...
Technology to Leverage and Enable
By Dave Kipe, SVP, Global Operations, Scholastic Inc.
By Meerah Rajavel, CIO, Forcepoint
AI is the New UI-AI + UX + DesignOps
By Amit Bahree, Executive, Global Technology and Innovation,...
Evolving Role of the CIO - Enabling Business Execution...
By Greg Tacchetti, CIO, State Auto Insurance
Read Also
