Hackers haven’t pulled back amid an ongoing global pandemic, panelists noted in two recent webinars hosted by the Healthcare Information and Management Systems Society. In fact, criminals are turning up their efforts and even targeting specialties and facilities that historically have fewer security defenses and less training.
“Attacks that tug at your emotions tend to be the most impactful and favored by cybercriminals,” Ryan Witt, managing director of the healthcare industry practice at Proofpoint, told one webinar audience.
These exchanges, he said, may include imposter emails from the World Health Organization, fake purchase orders for personal protective equipment, or bogus notices about a “vaccine ID” from the Centers for Disease Control and Prevention.
How to Prevent Ransomware Attacks in Healthcare
Federal officials didn’t offer specifics about how the latest ransomware attacks were conducted, but they have been amplifying a message of vigilance.
In September, CISA and the Multi-State Information Sharing & Analysis Center jointly released a ransomware guide that details best practices to help manage the risk posed by ransomware and other cyberthreats.
The latest advisory offers more guidance for IT teams, including:
Stay current with all operating systems, software, firmware and patching updates; set anti-virus and anti-malware solutions to update automatically.
Protect sensitive data with network segmentation so critical information doesn’t reside on the same server and network segment as the email environment.
Use strong passwords with strategic word combinations that aren’t repeated within different accounts or systems.
Perform regular backups and implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, secure location.
Restrict improper use by implementing application controls and remote-access restrictions so that systems execute only programs known and permitted by the established security policy.
Provide cybersecurity education for all employees that includes training on ransomware, and explain how workers can report a suspected breach to speed an effective response.