Medical Practices are an irresistible, lucrative, and easy target for hackers. Not only are they a goldmine for highly sensitive medical, financial, and personal data, but most medical practices don’t know where threats are coming from, much less how to defend themselves.
When Ransomware first appeared, becoming a victim of an attack wasn’t necessarily a death sentence. Many practices had great backup and disaster recovery plans that allowed them to restore systems to pre-infection status and get back to work. The practices that didn’t have these systems in place (or whose systems weren’t properly managed and maintained) were forced to pay the ransom.
Most recently, Ransomware hackers have upped their game and now steal information from an infected party before encrypting their data, so even practices with proper backup and disaster recovery systems are now forced to deal with hackers to prevent the exposure of their sensitive data.
The big problem is that once a ransom is paid to ‘de-list’ a practice’s data, there is no guarantee that the data will be taken down. If the data is taken down, there is no guarantee that it won’t be kept and used in the future for additional extortion attempts.
Hackers are now proving they have sensitive information by releasing portions of actual stolen data as ‘proof’ to the target medical practice that they mean business, and that they have the data in question.
While you might think these attacks are the result of someone hacking away at your I.T. defenses and finally getting a foothold because of some technical oversight, the vast majority of these attacks come as an email attachment that someone inside your organization then clicks on to initiate the attack.
In fact, the Verizon Data Breach Report indicates that Email was the top malware delivery method at a whopping 95%. This attack vector normally comes with either a Microsoft Office document or a Windows Application as an attachment, and will typically install backdoor command and control software that allows hackers to take a look around and deploy ransomware once they are ready.
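One way a practice (or its IT partner) can screen the Office-document and Windows-application attachments described above before they reach a user’s inbox. This is an added example, not code from the original post; the sample documents are constructed in memory and the extension lists are assumptions chosen for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath
from typing import Tuple

# Assumed triage lists: Windows applications/scripts and Office formats (not from the original post).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".msi"}
OFFICE_MACRO_EXTS = {".docm", ".xlsm", ".pptm", ".dotm", ".xltm"}
OFFICE_OOXML_EXTS = {".docx", ".xlsx", ".pptx"} | OFFICE_MACRO_EXTS
OFFICE_LEGACY_EXTS = {".doc", ".xls", ".ppt"}   # OLE2 binaries; macros not inspectable here
ARCHIVE_EXTS = {".zip", ".7z", ".rar", ".iso"}

def ooxml_has_macros(data: bytes) -> bool:
    """Office Open XML files are zip containers; a VBA project is stored as vbaProject.bin."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(PurePosixPath(n).name.lower() == "vbaproject.bin" for n in zf.namelist())
    except zipfile.BadZipFile:
        return False  # not a valid OOXML container; the caller decides what to do with it

def triage_attachment(filename: str, data: bytes) -> Tuple[str, str]:
    """Return (verdict, reason): 'block', 'review' (hold for a human) or 'allow'."""
    parts = filename.lower().split(".")
    ext = "." + parts[-1] if len(parts) > 1 else ""
    if ext in EXECUTABLE_EXTS:
        return "block", f"Windows executable or script attachment ({ext})"
    if ext in OFFICE_OOXML_EXTS:
        if ooxml_has_macros(data):
            # Catches macros even when the file is named .docx to look harmless.
            return "block", "Office document contains a VBA project (vbaProject.bin)"
        if ext in OFFICE_MACRO_EXTS:
            return "review", "macro-enabled Office extension without a VBA project"
        return "allow", "Office document without macros"
    if ext in OFFICE_LEGACY_EXTS:
        return "review", "legacy binary Office format cannot be inspected for macros here"
    if ext in ARCHIVE_EXTS:
        return "review", "archive may wrap an executable or macro document"
    return "allow", "no risky attachment type detected"

def make_ooxml(with_macros: bool) -> bytes:
    """Constructed sample: a minimal zip shaped like a Word document (not a real Word file)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macros:
            zf.writestr("word/vbaProject.bin", b"\x00constructed-sample")
    return buf.getvalue()
```

Anything marked `review` is worth holding at the mail gateway until someone trained to recognise a risky email has looked at it.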
Once they gain access to your system, they can take all of your practice’s and patients’ classified information or change the content of documents, which could drastically affect your practice.
As if the cost of downtime were not bad enough, the incalculable costs, such as damage to reputation, loss of sensitive and important medical data, and loss of patients, could prove even more disastrous for a practice after this kind of disaster.
The fact is that much of this risk and exposure can be mitigated with some simple changes and a common-sense approach to safeguarding your practice. To protect your practice, consider taking the following steps:
- Educate your team on cybersecurity best practices and how to identify a risky email
- Perform regular software updates in a timely fashion
- Follow HIPAA Compliance Requirements for safeguarding patient data
- Back up your data on a regular basis and test your backup systems
- Conduct a risk assessment by testing your staff and system vulnerabilities
- Learn about and invest in Cyber Liability Insurance for your Practice
- Don’t assume your data is safe just because it’s “in the cloud”
- Utilize two-factor authentication and password complexity requirements
- Create a plan of action to implement in the case that a data breach does take place
- Form a partnership with an IT firm that will handle all aspects of safeguarding your practice