Healthcare RansomwareCOVID-19 has spread infection among more than just people. Organizations, including hospitals, have experienced escalating infections of a different variety as the chaos surrounding the coronavirus pandemic has been an ideal environment for a rise in phishing attacks and new malware tactics.

Given the new or expanded networks that had to be built very rapidly so that some workers could work from home, businesses are currently more vulnerable. For example, remote working often utilizes Remote Desktop Protocol, which tends to increase the likelihood of ransomware attacks. Workers are, understandably, looking for easy access to file servers or their work computer; however, using this protocol over a public network substantially increases vulnerabilities.

New Double Extortion Ransomware Attacks

Ransomware operators have adopted to the new environment by increasingly utilizing a “double extortion” tactic. These attacks first emerged in late 2019 and escalated in early 2020. This ransomware attack further corners its victims by not only demanding a ransom to recuperate encrypted files but also to avoid the release of stolen sensitive data. To further pressure victims, ransomware criminals have created pages on the deep web where they post samples of stolen data letting victims know the types of data staged for release if payment is not received.

Healthcare Ransomware Attacks Increasing

As if the healthcare industry is not under enough pressure, ransomware attacks are exploiting the increased use of VPNs used to facilitate social distancing efforts for hospital staff that can work from home. Hospitals are increasingly the targets of these “double extortion” attacks.

Attackers scan for weaknesses and enter the network to deploy their ransomware payload. The goal is to hold the victim’s computer ransom and to collect sensitive, health-related data that the attackers then threaten to release. In response, hospitals are being encouraged to create backups of all data and provide policies on ransomware and malware attacks to educate staff.

Reducing Frequency of and Damage from Ransomware Attacks

While working to preventing ransomware attacks, it is also essential to ensure your network and staff are prepared if an attack does occur. The following are some tips:

  • Always keep and maintain current backups of files to perform a restoration of any impacted files
    • These files should be stored on a device not on the network, such as external drives
  • Develop policies and conduct training to lessen the success of phishing emails
  • Purchase and maintain anti-virus and firewall protection software
  • Ensure software patches are up to date
  • Use trusted VPN connections to avoid vulnerabilities on public networks

Policies and procedures must be created so that employees may assist in reducing cyberattacks and avoid falling victim to phishing attacks. Recommended practices for employees include:

  • Regular training sessions
  • Test employees with phishing assessments
  • Provide safe procedures for navigating sites

What should you do if you are infected by ransomware?

First, paying the ransom is never recommended as it only funds the hackers and does not guarantee the return of your files nor that any stolen data will not be released. Next, if possible, impacted files should be restored using backups. Finally, it is crucial to isolate the infected device by disconnecting it from everything. Any devices that were connected to the infected device that may potentially or partially be infected will also need to be isolated.

These are overwhelming times that are severely straining the IT and security resources of many organizations. If you need help, SilverSky is here for you. Don’t hesitate to reach out to us at 1-800-234-2175 or learn@silversky.com.

 

Managed Security Services

Your around the clock SOC.

Managed Endpoint Detection and Response

Some attacks will succeed. Don’t worry—we have you.

Managed Detection and Response

Augment your IT team using our expertise and the latest technologies.

Email Protection Suite

Defending against the leading attack vector.

Cloud Email and Collaboration

More than ever, the cloud is essential.

Incident Response Readiness

When a breach occurs, you’ll be ready.

Compliance & Risk Services

Take the next steps on your cybersecurity maturity journey.

Trusted Cybersecurity for an Uncertain World

Understand, detect, and effectively respond to threats, reduce business risk and improve the return on your security investment.

Financial Services

We comply with the same regulations you do.

Healthcare

Affordable defenses for a sector under attack.

Retail

SilverSky stands between cybercriminals and your customers’ data.

Benefits of a Single Vendor Relationship

The Cooperative Bank of Cape Cod found itself especially appreciative of SilverSky’s comprehensive solution set—particularly as they rapidly, but securely, enabled employees to work remotely.

ACET

Automated Cybersecurity Examination Tool

HIPAA

Health Insurance Portability and Accountability Act

PCI DSS

Payment Card Industry Data Security Standard

FFIEC

Federal Financial Institutions Examination Council

GLBA

Gramm-Leach-Bliley Act

ACET Helps Credit Unions Further Their Missions

Learn how going all in for ACET protects customers and the health of community-based financial services.

Resources

Articles, guides, ebooks, tools, on-demand webinars, case studies, and more. Explore a range of topics.

Press & Events

Press releases, upcoming conferences and trade shows, and future and on-demand webinars

Revisiting Cybersecurity’s Delicate Balance

Learn how CISOs are rebalancing prevention, detection, and response for stronger cyber defenses.

About Us

Trusted cybersecurity for an uncertain world.

Careers

Looking to join the fight against cybercriminals?

Security Management Console

Comprehensive customer portal for state of devices, reports for compliance, support tickets, and more.

Transforming Cybersecurity Culture from Corner Offices to Cubicles

Executives are increasingly thinking about cybersecurity management in a similar manner as they would any other risk assessment. This guide is here to help.