In the last few months we have seen a spike in cybercrime with a series of ransomware attacks in the healthcare industry. Hospitals, from California to Washington DC, have been attacked. Unlike attacks in the past where stealing sensitive data was the goal, these attacks are designed to prevent the hospitals' ability to operate.
Evidence points to 2 key areas of vulnerability:
Employees and Users
A key method of transmitting ransomware is phishing. People are still responding to phishing emails or visiting bad websites. And the phishing scams are becoming more sophisticated. The recently identified Locky virus is being distributed via email that contains a Word document attachment that looks like an invoice but contains malicious macros.
Software vulnerabilities and flaws
Hackers are employing virus-like software known as Samas, or "samsam," that scours the Internet searching for application servers vulnerable to specific flaws like unprotected versions of JBOSS.
Here are 7 Steps you must take to protect yourself- and your clients.
1. Understand what is happening
This is no time to put your head in the sand; keep up with the important information on threats and ransomware from federal agencies.
* US-CERT – Alert on Ransomware (https://www.us-cert.gov/ncas/alerts/TA16-091A)
* FBI advice on most common threats (https://www.fbi.gov/scams-safety/fraud/internet_fraud)
2. Train, Train and Train your employees
Did I say Train? Training needs to be a priority. Initiate training updates to employees on the recent issues and ensure they understand the risks. Remind them of precautions they must take to avoid exposing your company to vulnerabilities, such as how to recognize phishing attacks. For training ideas, see the most recent post on our blog by industry expert Chris Apgar.
3. Assess your vulnerabilities
Is it time to update your vulnerability assessment? Has it been more than 6 months since your last one? Start with a High Level Control Audit to quickly identify areas of Vulnerability. This could highlight areas where your malware software detection has limitations.
4. Update policies and procedures
Ransomware attacks herald a new level of threat to our industry. You must update your security strategy and manage your policy and procedure documents to reflect this new normal.
5. Software Patch Management
How do you track and manage patches and updates? If you don’t have a system or tool that helps you do this, consider getting one. The best tools help you create a history of how often you’re performing checks and how much time has gone by since the last round of updates.
6. Manage systems access and change control
Review and track who has access to key systems. Is everyone still with the organization? Have their roles changed? Do they need access, or their current level of access?
7. Know your partners and the data they have
Identify and review who your critical business partners are and determine the type of data they will have access to. This could be very helpful if you have service level agreements in place, as a breach will impact both your reputation, and your pocket.
I recommend you take these key steps to better prepare your organization – and your clients and business associates - to protect against ransomware and other security vulnerabilities.
Contact us to discuss how Ostendio’s MyVCMTM can help you develop, manage and track your Information Security, Risk Mitigation and Compliance. MyVCM can help you easily manage all the tasks outlined above.