Healthcare organizations remain a prime target for cyber criminals employing ransomware. The cause? The continuing value of the personal information that patient data and healthcare records contain. Social engineering is still the most common avenue used to infiltrate computers and associated network systems. Emphasis still needs to be placed on cybersecurity and other employee training. But the threat remains.
Reg Harnish discusses the current state of affairs in the article “Ransomware epidemic will continue to ravage healthcare“:
[Harnish] says that Locky and Sage ransomware continue to appear on the phishing threat landscape in 2017. â€œThe reality is that our adversaries are getting better faster,â€ according to Harnish, who says ransomware is evolving in terms of ease-of-use, features, and functionality.
â€œThey are selling this stuff just like Microsoft,â€ he adds. â€œTheyâ€™re in business to sell software or, in their case, malware. All of them today are undergoing a similar kind of evolution to (what we saw with) Microsoft Office. Cyber criminals are not a bunch of teenagers wearing hoodies. Itâ€™s very organized and sophisticated.â€
Harnish advises that organizations have a response capability, which he sees as being critical for managing, coordinating and monitoring a cybersecurity incident from initial discovery through resolution. â€œThey need to have a response plan so if and when it happens, they can respond very quickly,â€ he concludes.
He also cautions against giving in to demands and paying the ransom, as there is no guarantee you will receive working decryption keys, and when you acquiesce you name is put on a list—making you more likely to be targeted in the future.
Education remains a key factor in preventing ransomware attacks. Continue reading about ransomware in the healthcare industry here.