Public Schools Are Being Attacked by Hackers More Than Ever

Cyber security has become a major problem for public schools over the past few years, but 2018 is bringing an unprecedented amount of cyber-attacks on schools all over the United States. Reports of different school districts falling victim to phishing and ransomware attacks are popping up all over the country. Let’s look at some recent attacks, as well as how one state is responding to this major threat. 

Roseburg Public Schools Fall Victim to Ransomware 

On the morning of Monday, May 7, Roseburg public schools in Oregon experienced a ransomware attack that blocked access to the district’s website and email. The district’s superintendent said at the time that IT personnel were working to restore encrypted files, and that it doesn’t appear that any personal information has been stolen or compromised.  

Unfortunately, days later the school district’s website still appears to be down. The school district says it will not release any further information about the hacker’s demands due to an ongoing police investigation.  

Hackers Gain Access to Fredericksburg School District’s Systems Using Phishing Emails  

Hackers created a fake email impersonating a regional organization to gain access to Fredericksburg school district’s electronic mail and filing systems last month. The Virginia school district detected the breach the next day, but not before hackers were able to access 14 employee emails and 1 employee’s files. 

The local superintendent sent out a letter warning parents that hackers may have had access to both student and parent information including full names, addresses, phone numbers, and insurance information. 

The malicious email appeared to be sent from a group that regularly sends info to local schools, a school employee reportedly thought it appeared suspicious, but clicked on it anyway. After this initial breach, hackers were able to send phishing emails to more employees. 

Indiana Launches New Cybersecurity Initiative for Schools 

The Indiana Department of Education just announced a new initiative to boost cyber protection education and funding in public schools. Indiana wants to make sure its schools faculty and students are prepared for cyber-attacks. Schools will even be able to apply for grants of up to $25,000 for cybersecurity funding. 

Indiana is also putting together a task-force to help teachers and staff become more familiar with cyber security and common threats. Some Indiana schools will be testing cybersecurity high school courses. 

Every School Needs to be Prepared 

Cybersecurity for public schools is no longer optional, hackers view schools as easy targets due to large numbers of online users and large amounts of sensitive data. JDL Group can help your school or district make sure it is prepared for anything with the latest in endpoint protection. Contact us today for a security assessment.  

References: 

https://indianapublicmedia.org/news/state-kicks-school-cybersecurity-initiative-146830/ 
http://www.fredericksburg.com/news/local/fredericksburg/hackers-break-into-fredericksburg-school-system-s-emails-file-system/article_d2b4e537-83ae-5160-8d6c-bbccf705e75a.html 
https://www.nrtoday.com/news/public_safety/roseburg-public-schools-computer-system-hacked/article_22c805d9-7f4a-5646-a832-b9711b23be32.html 

 

Public Schools Are Being Attacked by Hackers More Than Ever

Cyber security has become a major problem for public schools over the past few years, but 2018 is bringing an unprecedented amount of cyber-attacks on schools all over the United States. Reports of different school districts falling victim to phishing and ransomware attacks are popping up all over the country. Let’s look at some recent attacks, as well as how one state is responding to this major threat. 

Roseburg Public Schools Fall Victim to Ransomware 

On the morning of Monday, May 7, Roseburg public schools in Oregon experienced a ransomware attack that blocked access to the district’s website and email. The district’s superintendent said at the time that IT personnel were working to restore encrypted files, and that it doesn’t appear that any personal information has been stolen or compromised.  

Unfortunately, days later the school district’s website still appears to be down. The school district says it will not release any further information about the hacker’s demands due to an ongoing police investigation.  

Hackers Gain Access to Fredericksburg School District’s Systems Using Phishing Emails  

Hackers created a fake email impersonating a regional organization to gain access to Fredericksburg school district’s electronic mail and filing systems last month. The Virginia school district detected the breach the next day, but not before hackers were able to access 14 employee emails and 1 employee’s files. 

The local superintendent sent out a letter warning parents that hackers may have had access to both student and parent information including full names, addresses, phone numbers, and insurance information. 

The malicious email appeared to be sent from a group that regularly sends info to local schools, a school employee reportedly thought it appeared suspicious, but clicked on it anyway. After this initial breach, hackers were able to send phishing emails to more employees. 

Indiana Launches New Cybersecurity Initiative for Schools 

The Indiana Department of Education just announced a new initiative to boost cyber protection education and funding in public schools. Indiana wants to make sure its schools faculty and students are prepared for cyber-attacks. Schools will even be able to apply for grants of up to $25,000 for cybersecurity funding. 

Indiana is also putting together a task-force to help teachers and staff become more familiar with cyber security and common threats. Some Indiana schools will be testing cybersecurity high school courses. 

Every School Needs to be Prepared 

Cybersecurity for public schools is no longer optional, hackers view schools as easy targets due to large numbers of online users and large amounts of sensitive data. JDL Group can help your school or district make sure it is prepared for anything with the latest in endpoint protection. Contact us today for a security assessment.  

References: 

https://indianapublicmedia.org/news/state-kicks-school-cybersecurity-initiative-146830/ 
http://www.fredericksburg.com/news/local/fredericksburg/hackers-break-into-fredericksburg-school-system-s-emails-file-system/article_d2b4e537-83ae-5160-8d6c-bbccf705e75a.html 
https://www.nrtoday.com/news/public_safety/roseburg-public-schools-computer-system-hacked/article_22c805d9-7f4a-5646-a832-b9711b23be32.html 

 

Public Schools Are Being Attacked by Hackers More Than Ever

A New Hacker Group is Targeting the Healthcare Industry and Infecting Medical Equipment with Malware

A new group of hackers attacking the healthcare industry in the United States, Europe, and Asia have been discovered, according to the security firm Symantec. This new group, named “Orangeworm” by Symantec, are utilizing custom malware called “Kwampirs” to infect and compromise healthcare networks and equipment.

Which Devices are Being Targeted by Orangeworm?

This new custom malware has been detected inside the operating systems of medical imaging devices such as X-Ray & MRI machines, and devices used for digital patient consent forms.

The “Kwampirs” form of malware is designed to stay active for long periods of time in the equipment, which indicates that Orangeworm is interested in learning how these devices operate.

Trade Secrets Over Patient Data

Symantec believes that Orangeworm is not after sensitive patient data or interested in demanding a ransom from medical organizations, instead it appears that Orangeworm is carrying out some type of corporate espionage across the healthcare industry to attain trade secrets. Symantec has found traces of Orangeworm’s custom malware within the systems of pharmaceutical companies, healthcare IT firms, and medical equipment manufacturers.

It does not appear that these hackers are linked to any one government or nation, and right now there is no way to track the group’s origins.

How Does Kwampirs Malware Operate?

Surprisingly, Symantec reports that Orangeworm hasn’t discovered a new vulnerability or flaw in medical software. Instead, the hackers have mixed “social engineering” with previously known vulnerabilities to access medical networks. Once inside a network, the malware will aggressively propagate itself over shared networks.

This is a fairly outdated strategy for malware, but it is still effective on the medical community because older systems like Windows XP are still predominantly used among healthcare providers and organizations.

Protecting Your Healthcare Organization

This is just the latest example of the healthcare industry being a prime target for hackers and malware. In 2017, there were over 300 reported data breaches in the healthcare industry, with an estimated cost of over $1 billion!

If your healthcare organization or practice isn’t making data security and malware protection a priority, your systems may already be compromised. JDL Group can provide a full network diagnostic on your organization and identify any existing vulnerabilities or infections. Contact us today.

References

fastcompany.com
thehill.com
forbes.com

A New Hacker Group is Targeting the Healthcare Industry and Infecting Medical Equipment with Malware

A new group of hackers attacking the healthcare industry in the United States, Europe, and Asia have been discovered, according to the security firm Symantec. This new group, named “Orangeworm” by Symantec, are utilizing custom malware called “Kwampirs” to infect and compromise healthcare networks and equipment.

Which Devices are Being Targeted by Orangeworm?

This new custom malware has been detected inside the operating systems of medical imaging devices such as X-Ray & MRI machines, and devices used for digital patient consent forms.

The “Kwampirs” form of malware is designed to stay active for long periods of time in the equipment, which indicates that Orangeworm is interested in learning how these devices operate.

Trade Secrets Over Patient Data

Symantec believes that Orangeworm is not after sensitive patient data or interested in demanding a ransom from medical organizations, instead it appears that Orangeworm is carrying out some type of corporate espionage across the healthcare industry to attain trade secrets. Symantec has found traces of Orangeworm’s custom malware within the systems of pharmaceutical companies, healthcare IT firms, and medical equipment manufacturers.

It does not appear that these hackers are linked to any one government or nation, and right now there is no way to track the group’s origins.

How Does Kwampirs Malware Operate?

Surprisingly, Symantec reports that Orangeworm hasn’t discovered a new vulnerability or flaw in medical software. Instead, the hackers have mixed “social engineering” with previously known vulnerabilities to access medical networks. Once inside a network, the malware will aggressively propagate itself over shared networks.

This is a fairly outdated strategy for malware, but it is still effective on the medical community because older systems like Windows XP are still predominantly used among healthcare providers and organizations.

Protecting Your Healthcare Organization

This is just the latest example of the healthcare industry being a prime target for hackers and malware. In 2017, there were over 300 reported data breaches in the healthcare industry, with an estimated cost of over $1 billion!

If your healthcare organization or practice isn’t making data security and malware protection a priority, your systems may already be compromised. JDL Group can provide a full network diagnostic on your organization and identify any existing vulnerabilities or infections. Contact us today.

References

fastcompany.com
thehill.com
forbes.com

A New Hacker Group is Targeting the Healthcare Industry and Infecting Medical Equipment with Malware

Less Than Half of Ransomware Victims Recover Their Data After Paying the Ransom Demand

A ransomware attack can happen quickly and paralyze a business or company within minutes. Most of the time, these attacks are followed by a ransom note or list of demands from hackers. Many ransomware victims will feel that they must pay the ransom to regain access to their data, but new data shows that may not be the best strategy. 

Unfortunately, a survey released this month by the research firm CyberEdge has found that paying cybercriminals during a ransomware attack hardly guarantees that you will recover your files. 

A Survey of IT Security Practitioners  

A survey released last month polled close to 1,200 IT security practitioners across 17 countries. It revealed that less than half of ransomware victims in 2017 who paid the ransom recovered their files and data. 

The survey concluded that timely and routine backups are the best way to ensure you will recover your files in the event of a ransomware attack since backups enable an easy recovery. 

The Results of the Ransomware Survey 

Statistically, the survey reports that of the 55% of respondents who experienced a ransomware attack in 2017, 38.7% opted to pay the ransom. Only 19.1% of those who paid the ransom, or less than half, were able to recover their data using tools provided by the hackers. 

The Ransomware authors either didn’t provide any decryption instructions after payment or provided tools that did not decrypt as promised. 

On the bright side, 53.3% of those who were attacked with ransomware and didn’t pay the ransom were able to recover their data using either backups or decryption applications. 

Overall, the survey concluded that 27.6% or over a quarter of ransomware victims lost their data in 2017, regardless of if they paid the ransom or not. 

How to Prepare for a Ransomware Attack 

Implementing the proper defenses before a ransomware attack occurs can make all the difference and ensure that you don’t lose crucial files or information. JDL Group recommends a comprehensive, continuous data backup plan that will regularly test your backups and store your information in a secure location online.  

As the results of the survey show, if you or your company’s files are encrypted by a ransomware attack, there is a good chance paying the ransom won’t get your files back. It is vital in today’s landscape to install the proper defenses against ransomware so that it never has a chance to encrypt your data. 

Decryption software also appears to be a solid option. Statistically, it proved to be more successful in retrieving victims’ data than paying the ransom’s demands. 

Protecting Your Data from Ransomware 

Preparing for a ransomware attack and strengthening your network defenses may seem like a difficult task now, but JDL Group can make the entire process simple, quick, and efficient.  

We will provide you with the right tools and strategies to recover your data in the event of a ransomware attack, and more importantly, we will work to ensure that a ransomware attack doesn’t happen to you in the first place. Contact us today and start the process.  

References: 


https://www.bleepingcomputer.com/news/security/only-half-of-those-who-paid-a-ransomware-were-able-to-recover-their-data/
 
https://www.cyber.nj.gov/cyber-at-a-glance/20180316 
https://www.which.co.uk/news/2018/03/less-than-half-of-ransomware-victims-get-their-files-back/

 

Less Than Half of Ransomware Victims Recover Their Data After Paying the Ransom Demand

A ransomware attack can happen quickly and paralyze a business or company within minutes. Most of the time, these attacks are followed by a ransom note or list of demands from hackers. Many ransomware victims will feel that they must pay the ransom to regain access to their data, but new data shows that may not be the best strategy. 

Unfortunately, a survey released this month by the research firm CyberEdge has found that paying cybercriminals during a ransomware attack hardly guarantees that you will recover your files. 

A Survey of IT Security Practitioners  

A survey released last month polled close to 1,200 IT security practitioners across 17 countries. It revealed that less than half of ransomware victims in 2017 who paid the ransom recovered their files and data. 

The survey concluded that timely and routine backups are the best way to ensure you will recover your files in the event of a ransomware attack since backups enable an easy recovery. 

The Results of the Ransomware Survey 

Statistically, the survey reports that of the 55% of respondents who experienced a ransomware attack in 2017, 38.7% opted to pay the ransom. Only 19.1% of those who paid the ransom, or less than half, were able to recover their data using tools provided by the hackers. 

The Ransomware authors either didn’t provide any decryption instructions after payment or provided tools that did not decrypt as promised. 

On the bright side, 53.3% of those who were attacked with ransomware and didn’t pay the ransom were able to recover their data using either backups or decryption applications. 

Overall, the survey concluded that 27.6% or over a quarter of ransomware victims lost their data in 2017, regardless of if they paid the ransom or not. 

How to Prepare for a Ransomware Attack 

Implementing the proper defenses before a ransomware attack occurs can make all the difference and ensure that you don’t lose crucial files or information. JDL Group recommends a comprehensive, continuous data backup plan that will regularly test your backups and store your information in a secure location online.  

As the results of the survey show, if you or your company’s files are encrypted by a ransomware attack, there is a good chance paying the ransom won’t get your files back. It is vital in today’s landscape to install the proper defenses against ransomware so that it never has a chance to encrypt your data. 

Decryption software also appears to be a solid option. Statistically, it proved to be more successful in retrieving victims’ data than paying the ransom’s demands. 

Protecting Your Data from Ransomware 

Preparing for a ransomware attack and strengthening your network defenses may seem like a difficult task now, but JDL Group can make the entire process simple, quick, and efficient.  

We will provide you with the right tools and strategies to recover your data in the event of a ransomware attack, and more importantly, we will work to ensure that a ransomware attack doesn’t happen to you in the first place. Contact us today and start the process.  

References: 


https://www.bleepingcomputer.com/news/security/only-half-of-those-who-paid-a-ransomware-were-able-to-recover-their-data/
 
https://www.cyber.nj.gov/cyber-at-a-glance/20180316 
https://www.which.co.uk/news/2018/03/less-than-half-of-ransomware-victims-get-their-files-back/

 

Less Than Half of Ransomware Victims Recover Their Data After Paying the Ransom Demand

Atlanta’s Computer Systems Infected with Ransomware, Hackers are Demanding Over $50,000 in Bitcoin

The city of Atlanta is reeling due to its computer systems being hacked by ransomware last week, and many city departments are still offline. The hackers responsible for the attack are demanding a ransom of $51,000 worth of Bitcoin. This type of brazen cyberattack by hackers shows just how confident cybercriminals are becoming.

An Early Morning Ransomware Attack

Atlanta officials first noticed a problem early in the morning around 6 AM on Thursday, March 22nd. A ransomware attack encrypted data and shut down multiple applications on the city’s network, including apps for citizens to pay bills and access court-related information.

The Ransom Note

Not long after the attack Hackers sent a ransom note to the city of Atlanta with a list of demands. The note instructed the city to send .8 Bitcoin for each city computer or 8 Bitcoins for all the city’s computers, this amount of Bitcoin is valued at $51,000.

After sending the Bitcoin, Atlanta officials will have to leave a comment on their own website with the provided hostname, and the hackers will reply to the comment with decryption software that will delete the ransomware.

How Did This Happen?

It is still uncertain how hackers were able to plan and execute such a large-scale ransomware attack on an entire city’s computer network. Some are theorizing that the hackers gained access to the computers through a remote portal.

An Ongoing Situation

The city of Atlanta has not said if it plans on paying the ransom and computers at city hall are still shut down. The mayor of Atlanta says that a team of IT experts are working on fixing the computer network, and the FBI has been brought in to investigate.

Meanwhile, many city departments have been forced to conduct business using paper instead of computers and citizens are having a hard time communicating with local departments.

The Importance of IT Security

This major attack on a US city should remove any doubt that cybercrime impacts everyone, even governments. If an entire city can be attacked by ransomware, anyone or any business can. Cybersecurity is no longer optional in 2018, contact JDL Group to start protecting yourself.

Additional Resources

http://www.cbs46.com/story/37787028/sources-city-of-atlanta-computer-systems-dealing-with-cyberattack
http://www.cbs46.com/story/37816000/cyberattack-continues-to-stall-business-in-city-of-atlanta
https://www.yahoo.com/news/hackers-demanding-bitcoin-ransom-attack-atlanta-city-computers-070319259.html

Atlanta's Computer Systems Infected with Ransomware, Hackers are Demanding Over ,000 in Bitcoin

The city of Atlanta is reeling due to its computer systems being hacked by ransomware last week, and many city departments are still offline. The hackers responsible for the attack are demanding a ransom of $51,000 worth of Bitcoin. This type of brazen cyberattack by hackers shows just how confident cybercriminals are becoming.

An Early Morning Ransomware Attack

Atlanta officials first noticed a problem early in the morning around 6 AM on Thursday, March 22nd. A ransomware attack encrypted data and shut down multiple applications on the city’s network, including apps for citizens to pay bills and access court-related information.

The Ransom Note

Not long after the attack Hackers sent a ransom note to the city of Atlanta with a list of demands. The note instructed the city to send .8 Bitcoin for each city computer or 8 Bitcoins for all the city’s computers, this amount of Bitcoin is valued at $51,000.

After sending the Bitcoin, Atlanta officials will have to leave a comment on their own website with the provided hostname, and the hackers will reply to the comment with decryption software that will delete the ransomware.

How Did This Happen?

It is still uncertain how hackers were able to plan and execute such a large-scale ransomware attack on an entire city’s computer network. Some are theorizing that the hackers gained access to the computers through a remote portal.

An Ongoing Situation

The city of Atlanta has not said if it plans on paying the ransom and computers at city hall are still shut down. The mayor of Atlanta says that a team of IT experts are working on fixing the computer network, and the FBI has been brought in to investigate.

Meanwhile, many city departments have been forced to conduct business using paper instead of computers and citizens are having a hard time communicating with local departments.

The Importance of IT Security

This major attack on a US city should remove any doubt that cybercrime impacts everyone, even governments. If an entire city can be attacked by ransomware, anyone or any business can. Cybersecurity is no longer optional in 2018, contact JDL Group to start protecting yourself.

Additional Resources

http://www.cbs46.com/story/37787028/sources-city-of-atlanta-computer-systems-dealing-with-cyberattack
http://www.cbs46.com/story/37816000/cyberattack-continues-to-stall-business-in-city-of-atlanta
https://www.yahoo.com/news/hackers-demanding-bitcoin-ransom-attack-atlanta-city-computers-070319259.html

Atlanta's Computer Systems Infected with Ransomware, Hackers are Demanding Over ,000 in Bitcoin

A Fake IRS Email Scam is Spreading a New Form of Ransomware

Have you received a suspicious email from the IRS recently? It could be a trick to infect your computer with ransomware. Hackers are constantly looking for new ways to fool victims, and a new campaign is using fake emails from the Internal Revenue Service. These fake emails are spreading a new form of Ransomware, called Rapid Ransomware.

What is Rapid Ransomware?

Rapid Ransomware is a new variant of ransomware that was just detected in January 2018. It adds .rapid to encrypted file names and creates a ransom note called How Recovery Files.txt onto the desktop and files of compromised systems. This new form of Ransomware even stays active and encrypts new files after they are created. Rapid Ransomware has been known to terminate multiple databases such as sql.exe and sqelite.exe, clear Windows shadow volume copies, and disable automatic repairs.

More than 300 known infections of Rapid Ransomware have already been identified since January 3, 2018. It was unknown how hackers were spreading this new Ransomware, until a malspam campaign sending fake emails from the IRS was discovered in February 2018.

The Fake IRS Email Scam

Fake emails believed to be a part of this campaign include subject lines such as: “Please Note – IRS Urgent Message- 164” but look out for different variances of this. Hackers are using subject lines they hope will scare the victim into opening and clicking on the email. The body of these scam emails notify the reader that they are overdue on real estate taxes by several months.

The reader is then told to download an attached ZIP file named Notification-[number].zip, that supposedly holds a “comprehensive report” regarding the reader’s debt. This ZIP file does not contain any report, instead, it holds a Word document embedded with malicious macros. If macros are enabled, Rapid Ransomware will be downloaded onto the victims’ system.

It is notable that a high percentage of users being targeted by this campaign are small or medium sized businesses, not consumers. Hackers must be hoping business owners are more likely to click on a message from the IRS.

How to Protect Yourself

In order to make sure you are protected from this new cyber threat, JDL Group recommends not enabling macros on your devices, unless you have a specific document that requires macros. Also, do not click on links or open attachments from suspicious, unexpected, or unsolicited emails.

Securing Your Network Moving Forward

Looking for help securing your network against cyber-attacks? JDL Group can work with you to formulate an IT security plan that works for your business. Contact us today.

Additional Resources:

https://www.cyber.nj.gov/cyber-alerts/20180216/irs-email-scam-distributes-rapid-ransomware
https://myonlinesecurity.co.uk/please-note-irs-urgent-message-164-malspam-delivers-rapid-ransomware/
https://www.cyber.nj.gov/threat-profiles/ransomware-variants/rapid-ransomware

 

ransomware attacks on law firms

Have you received a suspicious email from the IRS recently? It could be a trick to infect your computer with ransomware. Hackers are constantly looking for new ways to fool victims, and a new campaign is using fake emails from the Internal Revenue Service. These fake emails are spreading a new form of Ransomware, called Rapid Ransomware.

What is Rapid Ransomware?

Rapid Ransomware is a new variant of ransomware that was just detected in January 2018. It adds .rapid to encrypted file names and creates a ransom note called How Recovery Files.txt onto the desktop and files of compromised systems. This new form of Ransomware even stays active and encrypts new files after they are created. Rapid Ransomware has been known to terminate multiple databases such as sql.exe and sqelite.exe, clear Windows shadow volume copies, and disable automatic repairs.

More than 300 known infections of Rapid Ransomware have already been identified since January 3, 2018. It was unknown how hackers were spreading this new Ransomware, until a malspam campaign sending fake emails from the IRS was discovered in February 2018.

The Fake IRS Email Scam

Fake emails believed to be a part of this campaign include subject lines such as: “Please Note – IRS Urgent Message- 164” but look out for different variances of this. Hackers are using subject lines they hope will scare the victim into opening and clicking on the email. The body of these scam emails notify the reader that they are overdue on real estate taxes by several months.

The reader is then told to download an attached ZIP file named Notification-[number].zip, that supposedly holds a “comprehensive report” regarding the reader’s debt. This ZIP file does not contain any report, instead, it holds a Word document embedded with malicious macros. If macros are enabled, Rapid Ransomware will be downloaded onto the victims’ system.

It is notable that a high percentage of users being targeted by this campaign are small or medium sized businesses, not consumers. Hackers must be hoping business owners are more likely to click on a message from the IRS.

How to Protect Yourself

In order to make sure you are protected from this new cyber threat, JDL Group recommends not enabling macros on your devices, unless you have a specific document that requires macros. Also, do not click on links or open attachments from suspicious, unexpected, or unsolicited emails.

Securing Your Network Moving Forward

Looking for help securing your network against cyber-attacks? JDL Group can work with you to formulate an IT security plan that works for your business. Contact us today.

Additional Resources:

https://www.cyber.nj.gov/cyber-alerts/20180216/irs-email-scam-distributes-rapid-ransomware
https://myonlinesecurity.co.uk/please-note-irs-urgent-message-164-malspam-delivers-rapid-ransomware/
https://www.cyber.nj.gov/threat-profiles/ransomware-variants/rapid-ransomware

 

ransomware attacks on law firms

Battling Ransomware: 3 Tips for Health Care Organizations

Battling Ransomware: 3 Tips for Health Care Organizations

Ransomware poses a very real threat to every health care organization in America. In the health care industry, 85% of organizations have experienced a ransomware attack, and that number continues to climb as criminals recognize the unique vulnerabilities in the health care industry. Motivated by patient safety, the potential damage to the reputation of their organizations, and the major financial impact of a ransomware attack, health care organizations are likely to pay quickly if compromised. There are things your organization can do to prepare itself for success in the battle.

1. Training Is Vital

Viral attacks almost always require someone to open the gates to allow entrance. Malicious email and sketchy websites lure the unsuspecting worker in your organization to allow entrance into your network. The most vulnerable link in your network is ultimately the end user. The fact is that you must provide training to your employees to help them spot threats – either to prepare them beforehand, or to respond to an attack afterwards.

Providing ongoing critical training in spotting and avoiding malware threats is the single most efficient way of protecting your organization. This training will not only guard you against ransomware but other kinds of malware as well. Threats from cyberattacks change constantly, so it is crucial to make training on recognizing current threat vectors a regular part of your organization’s culture.

2. Reassess Your Backup

Your network backup may well have been designed to protect you from outages, equipment failures, or natural disasters. Conduct a thorough audit of your backup systems for their ability to protect you from malicious threats as well. Ransomware often seeks out and compromises backup systems before making its presence known. Without regular backups to systems disconnected from your network, you may be vulnerable to an attack that compromises your entire system. Take steps to analyze your current backup and make changes as needed.

3. Make Updates a Priority

protecting health care organizations from ransomware NJ | NYCAs new attacks occur, software makers update software against exploited security vulnerabilities. Criminal hackers depend on the fact that your organization has failed to take the time to update your system to protect against that vulnerability. Finding new vulnerabilities and exploits is time-consuming and expensive for hackers. Make their work less rewarding by cutting off the easy routes into your network.

Update antivirus and malware protection on a constant basis. These programs are the fastest at updating protection against the latest threats. Operating system and browser updates should also happen as soon as possible when a patch is released. Internet content filters help avoid the latest malware infected websites. And don’t forget updates for health care-specific technologies. These may not update as frequently, but when they do, it is vital to implement the new patch as soon as possible.

4. Vigilance is the Price of Safety

Updating systems, training employees, and protecting your backups are effective for reducing your risk of infection. These measures take time, create short term inconveniences, and require organization and vigilance on your part. Acting now won’t guarantee you are invulnerable to attack, but is the right thing to do to safeguard your patients.

Contact Us

Don’t let your health care organization go unprotected another day. Contact us today.

Additional Resources:
https://news.brown.edu/articles/2017/09/ransomware
https://www.csoonline.com/article/3091080/security/the-rise-of-ransomware-in-healthcare.html#slide6

 

Battling Ransomware: 3 Tips for Health Care Organizations

Battling Ransomware: 3 Tips for Health Care Organizations

Ransomware poses a very real threat to every health care organization in America. In the health care industry, 85% of organizations have experienced a ransomware attack, and that number continues to climb as criminals recognize the unique vulnerabilities in the health care industry. Motivated by patient safety, the potential damage to the reputation of their organizations, and the major financial impact of a ransomware attack, health care organizations are likely to pay quickly if compromised. There are things your organization can do to prepare itself for success in the battle.

1. Training Is Vital

Viral attacks almost always require someone to open the gates to allow entrance. Malicious email and sketchy websites lure the unsuspecting worker in your organization to allow entrance into your network. The most vulnerable link in your network is ultimately the end user. The fact is that you must provide training to your employees to help them spot threats – either to prepare them beforehand, or to respond to an attack afterwards.

Providing ongoing critical training in spotting and avoiding malware threats is the single most efficient way of protecting your organization. This training will not only guard you against ransomware but other kinds of malware as well. Threats from cyberattacks change constantly, so it is crucial to make training on recognizing current threat vectors a regular part of your organization’s culture.

2. Reassess Your Backup

Your network backup may well have been designed to protect you from outages, equipment failures, or natural disasters. Conduct a thorough audit of your backup systems for their ability to protect you from malicious threats as well. Ransomware often seeks out and compromises backup systems before making its presence known. Without regular backups to systems disconnected from your network, you may be vulnerable to an attack that compromises your entire system. Take steps to analyze your current backup and make changes as needed.

3. Make Updates a Priority

protecting health care organizations from ransomware NJ | NYCAs new attacks occur, software makers update software against exploited security vulnerabilities. Criminal hackers depend on the fact that your organization has failed to take the time to update your system to protect against that vulnerability. Finding new vulnerabilities and exploits is time-consuming and expensive for hackers. Make their work less rewarding by cutting off the easy routes into your network.

Update antivirus and malware protection on a constant basis. These programs are the fastest at updating protection against the latest threats. Operating system and browser updates should also happen as soon as possible when a patch is released. Internet content filters help avoid the latest malware infected websites. And don’t forget updates for health care-specific technologies. These may not update as frequently, but when they do, it is vital to implement the new patch as soon as possible.

4. Vigilance is the Price of Safety

Updating systems, training employees, and protecting your backups are effective for reducing your risk of infection. These measures take time, create short term inconveniences, and require organization and vigilance on your part. Acting now won’t guarantee you are invulnerable to attack, but is the right thing to do to safeguard your patients.

Contact Us

Don’t let your health care organization go unprotected another day. Contact us today.

Additional Resources:
https://news.brown.edu/articles/2017/09/ransomware
https://www.csoonline.com/article/3091080/security/the-rise-of-ransomware-in-healthcare.html#slide6

 

Battling Ransomware: 3 Tips for Health Care Organizations

Protecting Patient Information from Ransomware

The health care industry was the target in 88% of all ransomware attacks on US industries in 2016. The perpetrators of these malicious attacks have realized that the health care industry is particularly vulnerable to cyberattacks and has a major incentive to pay the ransom quickly. Patient safety, the organization’s reputation, and the risk of potential fines all motivate victims in a health care organization to pay the ransom and restore service. However, recognizing the risk and taking steps to protect your network are about much more than money.

Seeing the Big Picture

Health care information was the most breached in 2016, with stolen medical records being worth more than 10 times a stolen credit card. There is an average of one new health care breach per day, with thousands of patient files compromised with each breach.

Hackers have recognized that an even faster and more lucrative way of turning their crime into cash is by employing ransomware. In a ransomware attack, the criminal does not need to find a buyer for the stolen data; they demand a “ransom” directly from the health care organization. Due to the pressures on health care providers, that payment often comes very quickly. In fact, ransomware attacks now comprise 72% of all malware attacks in the health care industry.

It’s not a matter of if your organization will face an attack, but when, and how you’ll prepare beforehand or respond afterwards.

Prepare for Attack

protecting patient information from ransomwareThe most effective step your organization can take is to provide training to all employees on the risks and responsibilities of protecting patient health information. You provide fire drills, training for emergency situations, and regular employee training in other areas, so make protecting your patients’ information a priority in training. Cyberthreats change rapidly, so make your employees aware of the dangers by providing the training they need to spot and avoid threats.

Reassess your backup system. Ransomware often seeks out and compromises backup systems before announcing itself. Regular rotations of backup systems that are then completely disconnected from the network are a minimum best practice.

Update your software with the latest patches and your antivirus solutions continually update to contend with the latest threats. Systems unique to the health care industry can be particularly vulnerable and require immediate patching whenever an update is available.

Recognize that all these steps require time and money to implement. In a health care organization, every line of the budget is crucial. The potential for fines if Health Insurance Portability and Accountability Act-compliant solutions are not in place should compel you to find the means to ensure your safety. Making the threat clear will help prioritize the time and effort for training and updates to take place.

Why Act Now

Patient safety is at stake in a ransomware attack. The reputation of your organization will suffer if you succumb to an attack. While no current system can completely guarantee that you are invulnerable to attack, the duty to safeguard your networks should be imperative in your organization. Act with urgency now to avoid an emergency later.

Contact Us

JDL Group can help you protect your patient information from ransomware. Contact us today.

Additional Resources:
https://www.healthcaredive.com/news/must-know-healthcare-cybersecurity-statistics/435983/
http://www.healthcareitnews.com/news/ransomware-accounted-72-healthcare-malware-attacks-2016

 

Protecting Patient Information from Ransomware

The health care industry was the target in 88% of all ransomware attacks on US industries in 2016. The perpetrators of these malicious attacks have realized that the health care industry is particularly vulnerable to cyberattacks and has a major incentive to pay the ransom quickly. Patient safety, the organization’s reputation, and the risk of potential fines all motivate victims in a health care organization to pay the ransom and restore service. However, recognizing the risk and taking steps to protect your network are about much more than money.

Seeing the Big Picture

Health care information was the most breached in 2016, with stolen medical records being worth more than 10 times a stolen credit card. There is an average of one new health care breach per day, with thousands of patient files compromised with each breach.

Hackers have recognized that an even faster and more lucrative way of turning their crime into cash is by employing ransomware. In a ransomware attack, the criminal does not need to find a buyer for the stolen data; they demand a “ransom” directly from the health care organization. Due to the pressures on health care providers, that payment often comes very quickly. In fact, ransomware attacks now comprise 72% of all malware attacks in the health care industry.

It’s not a matter of if your organization will face an attack, but when, and how you’ll prepare beforehand or respond afterwards.

Prepare for Attack

protecting patient information from ransomwareThe most effective step your organization can take is to provide training to all employees on the risks and responsibilities of protecting patient health information. You provide fire drills, training for emergency situations, and regular employee training in other areas, so make protecting your patients’ information a priority in training. Cyberthreats change rapidly, so make your employees aware of the dangers by providing the training they need to spot and avoid threats.

Reassess your backup system. Ransomware often seeks out and compromises backup systems before announcing itself. Regular rotations of backup systems that are then completely disconnected from the network are a minimum best practice.

Update your software with the latest patches and your antivirus solutions continually update to contend with the latest threats. Systems unique to the health care industry can be particularly vulnerable and require immediate patching whenever an update is available.

Recognize that all these steps require time and money to implement. In a health care organization, every line of the budget is crucial. The potential for fines if Health Insurance Portability and Accountability Act-compliant solutions are not in place should compel you to find the means to ensure your safety. Making the threat clear will help prioritize the time and effort for training and updates to take place.

Why Act Now

Patient safety is at stake in a ransomware attack. The reputation of your organization will suffer if you succumb to an attack. While no current system can completely guarantee that you are invulnerable to attack, the duty to safeguard your networks should be imperative in your organization. Act with urgency now to avoid an emergency later.

Contact Us

JDL Group can help you protect your patient information from ransomware. Contact us today.

Additional Resources:
https://www.healthcaredive.com/news/must-know-healthcare-cybersecurity-statistics/435983/
http://www.healthcareitnews.com/news/ransomware-accounted-72-healthcare-malware-attacks-2016

 

Protecting Patient Information from Ransomware