Friday, May 12th, 2017 was a historic day for internet cyber-terrorism. The world’s largest ransomware attack struck 150 countries crippling more than 300,000 devices across the globe. Major institutions such as U.K.’s National Health Service, Russia’s Ministry of Interior, Chinese government agencies, Germany’s Deutsche Bahn rail system, FedEx, Nissan, and Renault were just a few of those impacted by the massive cyber-attack.
Many British hospitals had to cancel surgeries, appointments, and turn way patients due to being unable to access their systems. Providers and staff were forced to use paper and patients in affected areas were being advised to seek medical care only in emergencies.
The good news is the virus was stopped by a security researcher who accidentally discovered a kill switch. A cyber group named Shadow Brokers is said to be responsible for the hack. Apparently, the organization stole the hacking tool from the National Security Agency (NSA) in April. Experts warn that the attack is far from over and the criminals are likely to release newer versions of the malware.
Ransomware has been increasingly on the rise, especially within the healthcare industry. Nearly 88% of ransomware attacks occur in healthcare organizations. Patients health information (PHI) is extremely valuable to cybercriminals because it contains highly sensitive information such as social security, DOB, addresses, credit card information, and other health-related data. This information is critical for patient care and healthcare operations, which makes hospitals most vulnerable to an attack.
How can individuals and organizations prevent becoming a victim of a ransomware attack?
It is imperative that organizations, specifically in critical sectors such as healthcare, make protection against ransomware a strategic priority.
Individuals:
- Ensure that all computer software is up to date and run a Windows Update to get the latest software. Set Windows (or other operating system) to install critical security updates automatically. Typically, important security updates are contained within the updates which can reduce the chances of being infected.
- Back up all important files, both on-site and off-site, if possible.
- Use an antivirus software that updates automatically.
- Never open or download attachments in emails from unfamiliar sources. Never open links or download software, apps or other programs from unofficial sources.
Organizations:
- Install the latest Microsoft security patches and ensure anti-virus programs are up to date.
- Ensure all important data is backed up and all emails and attachments are scanned for malware.
- It is important to inform and train all staff on appropriate security measures and identifying malicious links or attachments that may contain viruses.
References:
1) http://money.cnn.com/2017/05/13/technology/ransomware-attack-protect-yourself/
4) http://www.cnbc.com/2017/05/15/ransomware-wanncry-virus-what-to-do-to-protect.html