Is Your IT Company Putting You At Risk Of A Cyber Attack?

Your IT Company Could Be Putting You At Risk Of A Cyber Attack

Is your healthcare organization’s cybersecurity your duty? Or, if you have an IT company, is it theirs?

This is really a question of which way you can pass the buck. If you were to get infected with ransomware, whose fault would it be? If your IT company doesn’t have the necessary cybersecurity expertise and credentials, wouldn’t it be your fault for trusting them in the first place?

After all, it’s your duty to select the right IT company for your needs. As a healthcare organization, you need IT support that understands the threats facing your industry.

Are You Actually At Risk Of A Ransomware Attack?

If you’ve been living under a rock for the past few years, maybe you haven’t noticed the major increase in cybercrime targeting the healthcare industry.

Ransomware is a growing problem for healthcare organizations of all sizes – in fact, almost half of all ransomware incidents reported last year targeted healthcare companies. This is largely due to the increasing usage of advanced medical devices, software, and mobile technology that are all interconnected.

In combination with outdated legacy medical systems, limited budgets for investing in cybersecurity, and a lack of IT expertise, cybercrime – particularly via ransomware attacks – is more common than ever.

• Alabama’s DCH Health System recently chose to pay the ransom and regain access to their systems after being hit by ransomware. The attack had resulted in three hospitals being shut down, leaving them unable to treat patients, and having to reroute ambulances.
• A Wyoming hospital’s operations were stopped dead because of a ransomware attack. With its data taken hostage, the hospital had to cancel surgeries, transfer patients to other facilities, and stop admitting new patients for multiple days.
• Earlier this year, the Olean Medical Group staff went without access to their systems and data for over 40,000 patients until they paid the hackers.

How Can You Protect Against Ransomware?

The best way to keep your data safe is to simply have it backed up, to a separate location, on a regular basis. By storing a complete and up to date copy of your data that’s separate from your local systems, it doesn’t matter if your onsite data gets encrypted by ransomware. You can simply wipe it all and recover your data from the backup.

Be sure to follow these tips, which are applicable to organizations, employees, and individual computer users:

1. Enlist expert support from an IT company that understands cybersecurity, in order to make sure you’re kept safe by a trained team.

2. Confirm that anti-malware and antivirus settings are deployed to automate all updates and to continually conduct system and device scans.

3. Train your staff to ask themselves these key questions before opening an email:

• Do I know the sender of this email?
• Does it make sense that it was sent to me?
• Can I verify that the attached link or PDF is safe?
• Does the email threaten to close my accounts or cancel my cards if I don’t provide information?
• Is this email really from someone I trust or does it just look like someone I trust? What can I do to verify?
• Does anything seem “off” about this email, its contents, or the sender?

How Should You Recover After An Attack?

Despite your best efforts, there is still the chance that a single vulnerability in your systems will be enough to compromise your network. Whether you end up having to pay the ransom or not (remember, with a viable data backup, you won’t need to), you need to examine what happened and figure out how to stop it from happening again.

The main goal will be to identify the root of the breach. You can enlist support from cybersecurity forensic professionals to help you determine how the ransomware made it into your systems.

If nothing else, when developing your ransomware defense, keep these three recommendations in mind:

• Make a considerable investment in a comprehensive backup and data recovery solution so that you can restore your data at a moment’s notice when necessary.
• Train your employees to recognize spoofed and false emails so that they don’t download a malware-infected attachment and help the hacker encrypt your data.
• Be sure to make the most of the available resources (both provided online and through expert IT support professionals) to ensure that you’re not overlooking vulnerabilities in your IT security.

Like this article? Check out the following blogs to learn more:

Sneaky Cybersecurity threats you need to know about

[Free Training] Protect Your Yourself From Hackers

Is Your Business Prepared to Take Action to Upgrade Windows OS Before January 2020?