Securing Healthcare Data from Ransomware

By CIOReview | Friday, June 16, 2017

Ransomware attack has been a growing threat, affecting the data of different industries. The healthcare sector is no exception. Safeguarding the hospital's system from ransomware attack is the top priority in system admin's to-do list. According to the leading IT experts, this kind of cyber attack, especially on healthcare facilities, is increasing on a daily basis.

The most commonly targeted equipment by hackers in the medical sector is devices that are connected to the networks. These medical devices are often prone to threats because they are not updated and run on an outdated OS. These devices usually have a weak security and hence will be used as a potential gateway by the hackers to break into hospitals’ main networks. The targeted medical machinery is often difficult to protect and clean up than servers and workstations. Security is often not as the top priority, while building these devices during development lifecycles. In an instance, a US hacker had breached into the remote desktop of a particular vendor. He stole millions of records and asked for the ransom in return of that information. However, if the hospital gives security an utmost importance and takes some measures associated with network security, they can certainly avoid security breach caused by a ransomware attack.

Building the Wall for Blocking Ransomware

Here are some of the important tips to protect confidential information from the attack:

• Ensure that all the medical devices and equipment are running disparately from the general network that accesses patient’s protected health information (PHI).

• While storing the backup information or any sensitive data, save it in a separate location rather than saving in the hospital's main network, so there is a lower chance that sensitive data will be affected by ransomware.

• It is wise to save the sensitive data using secured network instead of local disks to store PHI. With the help of secured network, the data can be restored quickly once a ransomware attack hits.

• Healthcare organizations can design a specific incident response strategy that helps in managing the operation when the system is attacked. According to data from Intel Security’s Advanced Threat Research Team, hospitals that were hit by ransomware are the once that a contingency plan in place and ended up paying the ransom to restore their data.

• Healthcare facilities must provide a robust training to their staff on best practices to avoid malware. Ransomware is seen infecting networks mostly when office staffs click on malicious links or open suspicious email attachments from unknown senders. Health institutions must educate staffs on how to identify email spam, and remind them to be aware and not click on it.

• In addition to that improving internal spam filters might help in blocking those attacks. Many ransomware programs are masked under a compressed .zip files and saved in uncommon file formats. Ensure that system admin has spam filters that can recognize these types of files and block them.

• Another way is to block unnecessary programs and traffic from the network. By filtering out significant traffic helps in keeping hackers away from being able to break into the systems and encrypt the hospital’s information.

• “White listing medical devices and equipment” is one of the efficient ways to fight against ransomware. White listing only allows specific programs to update or run on the tools connection, which means illegal programs cannot get executed without permission and infect.

• Keep computers and other general network devices up to date. Make sure the latest versions of these devices are running at all times.

• Finally, instead of depending on the default system settings, capitalize on advance settings to protect data and devices, which can automatically block the devices and hardware.