Protecting your hospital’s machines from ransomware attacks is of utmost importance. Hackers are targeting healthcare facilities of all types and sizes with their malicious software programs, and IT experts say the trend will continue.
Hospitals are especially vulnerable to attacks via medical devices connected to their networks, because they often run on outdated versions of operating systems. These versions aren’t protected against newer forms of malware, so hackers can use them as a gateway to break into hospitals’ main networks.
But if facilities can take a proactive approach to network security, they can avoid any long-lasting damage or disruption that could be caused by a ransomware attack.
Fight against ransomware
Christiaan Beek, a threat intelligence researcher for Intel Security’s Office of the CTO, wrote an article for InformationWeek’s Dark Reading outlining 10 steps hospitals must take to make sure their networks are protected from ransomware:
- Divide the hospital’s network so medical devices and equipment are running separately from the general network that accesses patient’s protected health information (PHI).
- When storing backup data, save it in a different location than the hospital’s main network so there’s a lower chance that it’ll be corrupted by ransomware.
- Instead of using local disks to store PHI and other sensitive data, try using secure network drives. They can be restored more quickly once a ransomware attack hits, as long as your hospital’s backups haven’t also been affected.
- Create a specific incident response plan to maintain operations should a ransomware attack occur. According to data from Intel Security’s Advanced Threat Research Team, many facilities hit by ransomware that didn’t have a contingency plan in place ended up paying the ransom to restore access to their data (though this approach isn’t always effective).
- Train staff on best practices to avoid malware. Ransomware often infects networks when employees click on suspicious links or open email attachments from unknown senders. Teach staff how to recognize email spam, and remind them not to open spam messages.
- Improve internal spam filters. Many ransomware programs are concealed in compressed .zip files and saved in uncommon file formats. Make sure your spam filters can recognize these types of files to keep them from reaching inboxes at all.
- Block unnecessary programs and traffic from your network. Only allowing essential traffic keeps hackers from being able to infiltrate your systems and encrypt your hospital’s data.
- Enable “whitelisting” on medical devices and equipment. Whitelisting only allows certain programs to update or run on your devices’ connection, which means unauthorized programs can’t run automatically and infect them with ransomware.
- Keep computers and other general network devices up to date. Most modern computer operating systems that are still supported by their manufacturers receive regular patches and updates to correct security vulnerabilities. Be sure the newest versions of these systems are running at all times.
- Instead of relying on the default network settings to protect data and devices, enable more advanced settings that can block malware from automatically running on your devices and hardware.
Be sure to pass this information along to your IT department so it can put all these protections in place at your hospital.