Using the WannaCry Ransomware Attack to Hone Prevention

It’s reported to have been one of the largest cyber extortion attacks to-date. The WannaCry (aka WanaCryptor 2.0) ransomware attack hit globally and hit hard. In the U.S., security analysts have leaped into the fray with patches and detection software, trying to stay ahead of the infiltration to quickly repair and mitigate damage.

Ransomware is a nasty business. Typically, what happens is an unsuspecting user clicks on a phishing link in an email or downloads an attachment which contains malware. The hacker’s malware then takes control of a users’ system, locking their files and data, and blocking it until a ransom is paid. Often there’s a timer that corresponds to the amount of money – usually Bitcoins – that the hackers demand before releasing the data. The longer it takes to pay, the higher the ransom gets.

Have you already been affected by ransomware? OCR reports that there have been “4,000 daily ransomware attacks since early 2016.” Also, if you’re a healthcare organization hit by ransomware, and files containing ePHI have been breached, you need to report it to OCR. Once the attack happens, go into containment and mitigation mode:

What to do when Ransomware Hits:

1. As soon as you realize there’s an issue, disconnect and try to isolate the malware.
   1. If you’re on a network, immediately notify your IT department.
   2. If you received an email from someone externally that sets off the ransomware, notify them, too. It may have been a fake email or they may not know they’re infected.
2. Hit “Go” on your Security Incident Response plan. Communicate quickly and effectively with stakeholders and users.
3. Go to backups that weren’t connected to the infected network. It could significantly limit damage and downtime.
4. Notify your FBI field office right away or file a cybercrime complaint. Make no mistake, ransomware is criminal.

Not yet a ransomware victim? Then you’re in protection and prevention mode.

7 Steps to Ransomware Prevention

1. Turn on auto-update for security updates for both your operating system and your browser.
2. Set anti-virus and anti-malware to run regular, automatic scans. If it alerts you, notify IT immediately!
3. Strengthen your spam filters and authentications. One click on an infected file starts a domino effect and most malware gets through in phishing emails.
4. Train employees to recognize suspicious emails and websites.
5. Don’t randomly download free software. Only use sites that are trusted providers.
6. Back up data regularly and store sensitive data backups separately from everyday networks or access.
7. Know how your business partners are doing on prevention. If they’re vulnerable, you likely are, too.

There are a lot of moving parts to organizational cybersecurity. Yet a platform like MyVCM can help connect the dots. It helps you track assets, including software, keep patching on-schedule and transparently monitor how your vendors are doing on their security, too. Taking preventive steps becomes business-as-usual, and makes it harder for cybercriminals to bring the business of healthcare to an abrupt and potentially dangerous halt.

Contact us today to learn more about Ostendio's MyVCM or request a demo.