Across the healthcare community, ransomware poses a serious threat. Lost patient records can make it extremely difficult to diagnose and treat patients, and they slow treatment and reduce the overall quality of patient care while the attack is resolved. As many as 23% of healthcare organizations have chosen to pay the ransom demanded by attackers in order to continue patient care and restore access to vital systems. As ransomware becomes increasingly sophisticated, it’s important that healthcare professionals know what steps they can take to help protect against it and maintain the highest possible standard of patient care.
Ransomware can pose a number of dangers to any type of business. Many smaller businesses end up shutting down after a ransomware attack because of the compromise of private data and the costs that follow. Healthcare organizations are not immune to those costs either: by 2021, some sources estimate that worldwide, more than $20 billion will be paid out due to ransomware attacks and the associated costs. Protecting your healthcare facility against ransomware, and being prepared for the possibility of an attack, is vital to maintaining your high standard of patient care and keeping your facility running as smoothly as possible.
Step One: Educate Everyone
One of the biggest threats to your organization isn’t a poor firewall or an open network, though those can certainly pose a substantial hazard to your networks. Rather, the biggest threat is the people who use your systems every day: the healthcare providers themselves. Ransomware often enters your network through a download or a link. By properly educating all the staff members at your medical facility, you can avoid many common ransomware hazards.
Unlike many attacks, ransomware doesn’t require attackers to learn your employees’ passwords to gain access to the system. Instead, attackers simply reach out to members of your healthcare team and convince them to download the ransomware, which then spreads through your system. In order to protect your networks, you must properly educate your team, including:
Never Click on Links
Never click on links from emails. This includes emails that appear to come from your internal IT team as well as emails that may appear in your employees’ personal accounts. Instead, encourage employees to visit familiar sites by entering the known address in the browser themselves.
Know What Scams Look Like
Understand how to identify email and website scams. Do your employees know how to spot the difference between a legitimate website and a scam? Can they spot an email that’s out to gain their information or convince them to download ransomware?
What do they do if they notice a dangerous pop-up? Employees need instructions on how to handle potential hazards if they do arise, including not clicking on pop-ups and, if necessary, closing the browser entirely.
One-time education often isn’t enough to provide employees with the wisdom they need to avoid potential ransomware threats. Make sure this training is part of your employees’ regular routines. Make that information readily available. The more information you provide, the better your network is protected.
Step Two: Create Effective Policies
Your healthcare facility’s policies can provide a vital layer of protection that may serve to prevent your employees or patients from accidentally–or, potentially, deliberately–introducing ransomware into your system. Develop effective policies designed to protect vital patient information, including:
Guests Have a Separate Network
Using a separate network for guests provides network protection. Patients and visitors to your facility should have their own WiFi and other systems. This will, in turn, help protect everyone against the possibility of ransomware and other malware. Never allow patients access to the facility network, no matter how good their reason sounds upfront. Keeping your healthcare network isolated is critical to help protect against ransomware attacks.
Personal Devices Are Guests
Connect personal employee devices to the guest network, not to the facility network. With more devices than ever connected to the internet, an increasing number of employees will connect their devices to the network. This includes not only normal devices, like phones and tablets, but everything from smart coffee makers to smartwatches. Any needed facility devices that require internet connectivity, but do not contribute to patient care, should also be kept on this network.
No Personal Emails
Prevent employees from checking their personal email on the work network. This can substantially cut down on the number of potential infections that can make their way into your network. You may also want to limit personal browsing from work devices to help decrease the number of websites visited by your employees every day.
Remove Patient Data
Remove unnecessary patient data from your internal devices and networks. You do not want to leave even a shred of data behind for hackers to exploit when patients no longer need to be in your system. You also want to be sure that you completely delete all sensitive information from old devices that have been removed from the system, especially if those devices are not being destroyed immediately. The Shred Cube can help remove that information from your systems and protect confidential patient data.
Step Three: Prepare
Many healthcare organizations unwittingly expose their facilities to ransomware every day. In 2019, DHC Medical Center in Alabama had to pay out to unlock its data and its systems. Additionally, multiple hospitals in Australia had vital systems blocked by a ransomware attack. You cannot always stop ransomware from attacking your healthcare system, but you can have preparations in place that will allow you to protect your patients.
Create a contingency plan that will allow you to keep working even in the event of a ransomware attack. A ransomware attack can lock down all of your systems and prevent you from accessing programs as well as patient data. Thus, prepare a contingency plan that will allow you to keep working in spite of those obstacles. You may, for example, choose to rely on paper records temporarily, or to use backup systems to continue to provide patient care. By putting a business contingency plan in place that will allow you to continue to function through a ransomware attack, you can better maintain quality of patient care in spite of the challenges in front of you. This plan should include:
- Who needs to be notified of a ransomware attack
- How you will handle notifying patients of a potential hazard or attack
- Who is responsible for handling specific tasks, including communications
- What employees will take on specific tasks related to restoring your data
How to Handle the Situation
Decide how you want to handle the ransom. Most experts recommend not paying it, since paying can encourage attackers to try again with further ransomware attacks in the future. Paying a ransom is also no guarantee that the attacker will unlock your systems, or that they even have the means to do so. Make this decision as an organization, ahead of time, rather than in the middle of an attack.
Isolate Infected Systems
Be prepared to isolate infected systems. If a system is affected by ransomware, you need to isolate that system immediately to keep it from infecting others. If you can pull an infected machine off the network, it can prevent you from infecting the rest of your network–which can, in turn, help prevent the attack from causing even more damage to your facility and your patients.
Back up Your Data
Back up your data regularly. No matter how you normally store your data, make sure you have backups in place that allow you to restore it in the event of a ransomware attack. Some facilities back up their data several times throughout the day. Others may choose to back up only once a day. However you choose to back up your data, keep in mind:
- Data should be backed up on a different system from your primary one to help protect against ransomware attacks. Ransomware attacks can quickly infect your entire network, including your data backups.
- Consider the benefits of offsite backups, both for the potential of a ransomware attack and in the case of natural disasters that could prevent you from reaching or fully utilizing your facility.
- Consider how long it would take you to restore patient data and how much time you can afford to lose. If you cannot afford to take the time to restore your data, you may need to create backups more often.
- Keeping track of your backups can help you restore your systems if data corruption goes back further than you think. Slow-moving ransomware could take time to infect all of your systems. If you need to go back a few days to restore uncorrupted data, having multiple days’ backups in place can make that easier.
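The four backup points above (a copy that ransomware on the facility network cannot reach, an offsite copy, a backup frequency that matches how much data you can afford to lose, and several days of history to roll back past a slow-spreading infection) can be turned into a routine check. The following is an added example, not code from the original post or from Shred Cube: it audits a constructed backup inventory against a constructed policy and picks a rollback point older than a suspected infection. The `Backup` and `Policy` records, the sample timestamps and the policy values are all assumptions chosen for illustration.

```python
"""Added example (not from the original post): audit a backup inventory
against a retention policy and choose a rollback point.

All records, timestamps and policy thresholds below are constructed for
illustration and are assumptions, not values from any real facility.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Backup:
    taken_at: datetime   # when the backup completed (UTC)
    location: str        # "onsite" (reachable from the facility network) or "offsite"
    verified: bool       # a test restore from this copy succeeded


@dataclass(frozen=True)
class Policy:
    max_age: timedelta     # newest verified backup must be no older than this
    history_days: int      # distinct calendar days of verified history required
    require_offsite: bool  # a verified offsite copy no older than max_age must exist


def audit_backups(backups, policy, now):
    """Return a list of findings; an empty list means the inventory meets policy."""
    findings = []
    good = [b for b in backups if b.verified]
    if not good:
        return ["no restore-verified backups at all"]

    # Frequency: does the newest usable copy fit the data loss we can tolerate?
    newest = max(good, key=lambda b: b.taken_at)
    age = now - newest.taken_at
    if age > policy.max_age:
        findings.append(f"newest verified backup is {age} old, policy allows {policy.max_age}")

    # Separation: a copy ransomware on the facility network cannot encrypt.
    if policy.require_offsite:
        recent_offsite = [b for b in good
                          if b.location == "offsite" and now - b.taken_at <= policy.max_age]
        if not recent_offsite:
            findings.append("no recent verified offsite copy; an attack on the facility "
                            "network could reach every backup")

    # History: enough distinct days to roll back past a slow-moving infection.
    days = {b.taken_at.date() for b in good}
    if len(days) < policy.history_days:
        findings.append(f"only {len(days)} day(s) of verified history, "
                        f"policy requires {policy.history_days}")
    return findings


def rollback_candidate(backups, infection_start):
    """Newest verified backup taken before the suspected infection start.

    Offsite copies win ties, since they are less likely to have been touched.
    Returns None if no usable copy predates the infection.
    """
    usable = [b for b in backups if b.verified and b.taken_at < infection_start]
    if not usable:
        return None
    return max(usable, key=lambda b: (b.taken_at, b.location == "offsite"))


# Constructed sample inventory: daily onsite copies, offsite copies every
# other day, and one onsite copy whose test restore failed.
NOW = datetime(2024, 5, 10, 12, 0, tzinfo=timezone.utc)
SAMPLE_BACKUPS = [
    Backup(NOW - timedelta(hours=6), "onsite", True),
    Backup(NOW - timedelta(days=1), "onsite", True),
    Backup(NOW - timedelta(days=1), "offsite", True),
    Backup(NOW - timedelta(days=2), "onsite", True),
    Backup(NOW - timedelta(days=3), "onsite", False),   # restore test failed
    Backup(NOW - timedelta(days=3), "offsite", True),
    Backup(NOW - timedelta(days=4), "onsite", True),
]
DAILY_POLICY = Policy(max_age=timedelta(hours=24), history_days=5, require_offsite=True)
STRICT_POLICY = Policy(max_age=timedelta(hours=12), history_days=7, require_offsite=True)

if __name__ == "__main__":
    for name, policy in (("daily", DAILY_POLICY), ("strict", STRICT_POLICY)):
        findings = audit_backups(SAMPLE_BACKUPS, policy, NOW)
        print(f"{name}: {'OK' if not findings else findings}")
    # Suppose the infection is believed to have started 2.5 days ago.
    chosen = rollback_candidate(SAMPLE_BACKUPS, NOW - timedelta(days=2, hours=12))
    print("rollback to:", chosen)
```

Run against the constructed inventory, the daily policy passes, the stricter policy reports both a stale offsite copy and too little history, and the rollback picks the verified offsite copy from three days ago rather than the onsite copy from the same day whose test restore failed. The point of the `verified` flag is that a backup you have never restored from is not yet a backup you can rely on.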
Stay Secure With The Shred Cube
Ransomware is a serious challenge that continues to impact many healthcare facilities. Hackers know that healthcare facilities must keep up with patient care, which makes them a highly vulnerable target. By preparing your organization ahead of time, however, you can increase the odds that you will be able to respond effectively in the event of a ransomware attack, protecting both your facility and your patients.
To learn more about how the Shred Cube can help hospitals and healthcare facilities keep patient data secure, contact our team today.