You likely heard last week about the ransomware attack on Hollywood Presbyterian Medical Center (HPMC) in California. As a result of the attack, the medical center was essentially locked out of its electronic health record (EHR) and other critical systems until it paid a ransom to the unknown hackers. For nearly two weeks, HPMC was forced to revert to maintaining paper records and sharing protected health information (PHI) by fax. HPMC ultimately decided to pay the $17,000 in ransom and was provided the decryption key necessary to access its systems.
While ransomware attacks are relatively unheard of (or unreported) in healthcare, they have been steadily increasing in recent years, and that trend is expected to continue. In light of HPMC paying the ransom, hackers may view healthcare organizations as soft targets and step up similar attacks. However, these attacks are not inevitable. Below are some tips to prevent a ransomware attack:
- Always check who the e-mail sender is: If you see a suspicious message, check with the sender to ensure they actually sent the message. It is better to pick up the phone to confirm this, as the sender may be a victim of a spam attack as well.
- Double-check the contents of the message: Be extremely cautious of suspicious e-mails that contain factual errors or discrepancies. Also, be advised that spammed messages will often use social engineering lures to persuade the recipient to open them.
- Refrain from clicking links in e-mail: The general rule is to avoid clicking links in e-mails as much as possible. If you feel you must click a link, make sure your browser uses web reputation to check the link.
- Backup, backup, backup: Once ransomware encrypts your data, there is no known way to decrypt the data without the key. Therefore, your best defense is to have accurate backups that follow the 3-2-1 principle (3 copies, 2 different media, 1 separate location). In the event a ransomware attack prevents you from accessing your data, you can simply restore from your most recent backup and carry on.
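The 3-2-1 rule above is only useful if each copy is actually intact, so a backup audit should verify copies by content rather than just count them. The script below is an added example, not code from the original post or from HPMC: it hashes a source file and each backup copy with SHA-256, discards any copy whose bytes no longer match, and then applies the 3-2-1 checks to the verified copies plus the live source. The file paths, media labels, the "EHR export" payload and the damaged offsite copy are all constructed for the demo; the XOR used to damage that copy is a stand-in for a copy that was overwritten or silently failed, not a model of any real ransomware.

```python
"""Audit a backup inventory against the 3-2-1 rule, verifying each copy by hash.

Added example (not from the original post). Paths, media labels and the
sample data are constructed; the hashing and the rule checks are real.
"""
import hashlib
import os
import tempfile
from dataclasses import dataclass


@dataclass(frozen=True)
class BackupCopy:
    path: str       # where the copy lives (constructed temp paths in the demo)
    media: str      # e.g. "disk", "tape", "cloud-object"
    location: str   # e.g. "hq-datacenter", "offsite-vault"


def sha256_file(path, chunk=1 << 20):
    """Stream a file through SHA-256 so large exports are not loaded into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def verify_copies(source_path, copies):
    """Keep only copies whose bytes match the source. A copy that was damaged,
    overwritten or never fully written hashes differently and is dropped."""
    want = sha256_file(source_path)
    return [c for c in copies if os.path.exists(c.path) and sha256_file(c.path) == want]


def audit_3_2_1(source_path, source_media, source_location, copies):
    """Apply 3-2-1 to the *verified* copies plus the live source.

    3: at least three copies in total (source + verified backups)
    2: at least two distinct media types among them
    1: at least one verified copy stored somewhere other than the source
    """
    good = verify_copies(source_path, copies)
    total = 1 + len(good)
    media = {source_media} | {c.media for c in good}
    offsite = any(c.location != source_location for c in good)
    findings = []
    if total < 3:
        findings.append(f"only {total} verified copies, need 3")
    if len(media) < 2:
        findings.append(f"only {len(media)} media type(s), need 2")
    if not offsite:
        findings.append("no verified copy outside " + source_location)
    return {
        "verified_copies": len(good),
        "total_copies": total,
        "media_types": len(media),
        "offsite_verified": offsite,
        "findings": findings,
        "compliant": not findings,
    }


def build_demo_inventory(root, corrupt_offsite):
    """Write a constructed 'EHR export' and three backup copies under root."""
    data = b"constructed EHR export placeholder record\n" * 2000
    source = os.path.join(root, "ehr_export.db")
    with open(source, "wb") as f:
        f.write(data)
    specs = [
        ("copy_disk.db", "disk", "hq-datacenter"),
        ("copy_tape.img", "tape", "hq-datacenter"),
        ("copy_cloud.blob", "cloud-object", "offsite-vault"),
    ]
    copies = []
    for name, media, location in specs:
        payload = data
        if corrupt_offsite and location == "offsite-vault":
            # Constructed stand-in for a copy that was damaged or overwritten:
            # same size as the source, different bytes.
            payload = bytes(b ^ 0x5A for b in data)
        path = os.path.join(root, name)
        with open(path, "wb") as f:
            f.write(payload)
        copies.append(BackupCopy(path, media, location))
    return source, copies


def run_demo(corrupt_offsite=True):
    """Run the audit against the constructed inventory and return the report."""
    with tempfile.TemporaryDirectory() as root:
        source, copies = build_demo_inventory(root, corrupt_offsite)
        return audit_3_2_1(source, "disk", "hq-datacenter", copies)


if __name__ == "__main__":
    for scenario in (True, False):
        report = run_demo(corrupt_offsite=scenario)
        print("offsite copy corrupted:", scenario, "->", report)
```

With the offsite copy damaged, a plain inventory would still show four copies on three media with one offsite and look compliant; the hash check reduces that to three verified copies on two media with no usable offsite copy, which is exactly the gap that matters when the on-site copies are unreachable. Running the audit on a schedule, and periodically restoring from a copy rather than only hashing it, is what turns "we have backups" into a defense you can rely on.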