New data indicates that small and medium healthcare organizations are a growing target of ransomware attacks. The data also suggests that, of the ransomware victims who paid the ransom, only 45 percent got their information back.
This changes the thinking about ransomware from something you might be able to recover from, to something you should do everything possible to prevent. Good ransomware prevention is a combination of high-tech and low-tech solutions.
High-tech solutions include having adequate backups. With a good backup, you can switch to it without losing access to any data and avoid having to decide whether to pay a ransom. To be successful against a ransomware attack, backups should be located on alternative media so that they cannot be encrypted by a hacker. They must also occur frequently enough to allow you to restore from the backup without losing any information. Finally, your backup should be tested to ensure it can be relied on if necessary.
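One way to run the backup test described above, as an added example that is not part of the original article: record a SHA-256 hash for every file at backup time, then after a test restore confirm that every file is present and unchanged and that the backup is recent enough. The function names, sample file names and the 24-hour age limit are assumptions chosen for illustration.

```python
import hashlib, os, tempfile, time

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(root):
    """At backup time: map each relative file path to its SHA-256."""
    manifest = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = sha256_file(full)
    return manifest

def check_restore(manifest, restored_root, backup_time, max_age_hours, now=None):
    """After a test restore: return a list of problems (empty means pass)."""
    now = time.time() if now is None else now
    problems = []
    age_h = (now - backup_time) / 3600
    if age_h > max_age_hours:  # backup too old to restore without data loss
        problems.append(f"stale: backup is {age_h:.1f}h old, limit {max_age_hours}h")
    for rel, expected in sorted(manifest.items()):
        path = os.path.join(restored_root, rel)
        if not os.path.isfile(path):
            problems.append(f"missing: {rel}")
        elif sha256_file(path) != expected:
            problems.append(f"modified: {rel}")
    return problems

def demo():
    """Constructed sample data: a source tree, a good restore, a damaged one."""
    with tempfile.TemporaryDirectory() as tmp:
        src, good, bad = (os.path.join(tmp, d) for d in ("src", "good", "bad"))
        for root in (src, good, bad):
            os.makedirs(root)
            for name, data in (("chart.txt", b"chart"), ("sched.txt", b"schedule")):
                with open(os.path.join(root, name), "wb") as f:
                    f.write(data)
        manifest = build_manifest(src)
        with open(os.path.join(bad, "chart.txt"), "wb") as f:
            f.write(b"\x00unreadable\x00")  # stands in for an encrypted file
        os.remove(os.path.join(bad, "sched.txt"))
        now = 1_000_000.0  # fixed clock so the result is repeatable
        return (check_restore(manifest, good, now - 3600, 24, now),
                check_restore(manifest, bad, now - 48 * 3600, 24, now))
```

Store the manifest with the backup on the alternative media, not on the production system, so that it cannot be altered along with the live data.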
Low-tech solutions include a disaster recovery plan and workforce training. Your disaster recovery plan should anticipate and address ransomware. It should also require that you test your backups and your plans regularly.
Training should also be done to educate staff on how to spot and avoid a ransomware attack. In most instances, ransomware attacks are initiated by an employee downloading an e-mail attachment that looks legitimate. Therefore, your workforce members should know how to spot such attempts, and what to do if they see one. A simulated phishing attack is an excellent way to help improve staff behavior. In these scenarios, you send a benign phishing e-mail to staff and track who downloads the attachment inappropriately. You then use this as an opportunity to re-train those individuals.
It is uncertain whether paying the ransom will allow you to gain access to your data in a ransomware attack. Therefore, the focus must be firmly placed on prevention of such an attack. While there is no silver bullet, ransomware attacks can be prevented with a multi-faceted approach.