Cyberattacks like WannaCry have exposed vulnerabilities in many operating systems that must be addressed by IT departments.

For hospitals, these issues have the potential to expose significant private patient data and health information. So updating your systems is essential to keeping your patients safe – and avoiding data breaches that could lead to HIPAA violations, hefty fines and more.

Best practices

There are a few strategies to keep your hospital safe from cyberattacks, according to McAfee Labs’ Threat Report on protection against malware.

Make sure your IT department is doing its due diligence with these tactics:

  1. Back up files. McAfee calls this the most effective step against ransomware, so regularly back up your organization’s data files and verify procedures to restore your network.
  2. Educate network users. Phishing scams using email attachments, downloads and web browsing are common, so make sure your staff knows what to avoid and can recognize potential dangers. You can even try simulating scams so employees see common methods and ruses used by cyber-criminals.
  3. Monitor and inspect network traffic. By monitoring traffic, you’ll be able to identify unusual activity and recognize patterns associated with malware or ransomware.
  4. Change passwords. Set passwords to expire after a certain time period and configure account lockout so that an account can’t be accessed after a certain number of failed login attempts. This helps keep your network secure and increases protection.
  5. Restrict administrative and system access. Some kinds of ransomware use default user accounts to operate. Renaming those accounts and disabling all unnecessary accounts (e.g., logins for employees who’ve left your hospital) adds an extra layer of protection. Also, only allow employees to access the network files and folders they need to do their jobs.
  6. Limit other permissions:
    • Restricting where users can save and edit files to a small number of directories, like My Documents and My Downloads, denies ransomware the writable file paths it needs to install itself.
    • Preventing execution from the aforementioned directories blocks ransomware installation.
    • Whitelisting applications, or only allowing certain programs or software to run on networks, can block ransomware hidden in unauthorized applications. Most organizations use a limited set of applications to conduct business, and using a whitelist-only policy for those applications ensures ransomware doesn’t make it through.
    • Requiring a login when accessing shared resources like network folders is a simple way to prevent ransomware from getting into your network.
  7. Update software. Make sure your software is maintained. Download and install patches to fix vulnerabilities in your operating systems.
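The following script is an added example, not code from the article or from McAfee; it shows how items 4, 5 and 6 above translate into concrete Windows and Active Directory settings. It assumes the ActiveDirectory and AppLocker PowerShell modules are available, and the domain name, the renamed administrator account and the sample test path are placeholders to replace with your own.

```powershell
#Requires -RunAsAdministrator
# Added example covering items 4-6 on a Windows / Active Directory environment.
# Run it in stages, against a test OU first. Placeholders: $Domain, the renamed
# local admin name, and the sample file path passed to Test-AppLockerPolicy.
Import-Module ActiveDirectory   # RSAT tools or a domain controller
Import-Module AppLocker         # ships with Windows

$Domain = 'hospital.example'    # placeholder: your AD domain name

# --- Item 4: password expiry and account lockout --------------------------------
# Lock an account after 5 bad passwords within 30 minutes, keep it locked for
# 30 minutes, and force a password change every 90 days.
Set-ADDefaultDomainPasswordPolicy -Identity $Domain `
    -LockoutThreshold 5 `
    -LockoutObservationWindow (New-TimeSpan -Minutes 30) `
    -LockoutDuration (New-TimeSpan -Minutes 30) `
    -MaxPasswordAge (New-TimeSpan -Days 90) `
    -MinPasswordLength 14 `
    -PasswordHistoryCount 24 `
    -ComplexityEnabled $true

# --- Item 5: disable unnecessary accounts, rename default ones -----------------
# Disable every still-enabled user account with no sign-in for 90 days (typically
# staff who have left). Add -WhatIf to Disable-ADAccount to preview first.
Search-ADAccount -AccountInactive -TimeSpan (New-TimeSpan -Days 90) -UsersOnly |
    Where-Object { $_.Enabled } |
    ForEach-Object {
        Disable-ADAccount -Identity $_
        'Disabled {0} (last logon: {1})' -f $_.SamAccountName, $_.LastLogonDate
    }

# On each workstation and server: rename the built-in Administrator so malware
# that hard-codes the default account name misses, and disable Guest.
Rename-LocalUser -Name 'Administrator' -NewName 'ws-localadmin'   # placeholder name
Disable-LocalUser -Name 'Guest'

# --- Item 6: run programs only from trusted locations ---------------------------
# AppLocker path rules: allow Everyone to execute from Program Files and Windows,
# explicitly deny the user-writable Downloads and Temp folders (a Deny rule wins
# over any Allow), and leave local Administrators unrestricted. Anything not
# covered by an Allow rule is blocked by AppLocker's implicit default deny.
# The collection starts in AuditOnly so nothing is blocked until you have reviewed
# the audit events.
$policyXml = @"
<AppLockerPolicy Version="1">
  <RuleCollection Type="Exe" EnforcementMode="AuditOnly">
    <FilePathRule Id="$([guid]::NewGuid())" Name="Allow Program Files" Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%PROGRAMFILES%\*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="$([guid]::NewGuid())" Name="Allow Windows" Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%WINDIR%\*" /></Conditions>
      <Exceptions><FilePathCondition Path="%WINDIR%\Temp\*" /></Exceptions>
    </FilePathRule>
    <FilePathRule Id="$([guid]::NewGuid())" Name="Deny user Downloads" Description="" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions><FilePathCondition Path="%OSDRIVE%\Users\*\Downloads\*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="$([guid]::NewGuid())" Name="Deny user Temp" Description="" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions><FilePathCondition Path="%OSDRIVE%\Users\*\AppData\Local\Temp\*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="$([guid]::NewGuid())" Name="Administrators unrestricted" Description="" UserOrGroupSid="S-1-5-32-544" Action="Allow">
      <Conditions><FilePathCondition Path="*" /></Conditions>
    </FilePathRule>
  </RuleCollection>
</AppLockerPolicy>
"@
$policyPath = Join-Path $env:TEMP 'applocker-baseline.xml'
Set-Content -Path $policyPath -Value $policyXml -Encoding UTF8

# Dry run against an existing sample file (constructed path): expected decision is Denied.
Test-AppLockerPolicy -XmlPolicy $policyPath -User Everyone `
    -Path 'C:\Users\nurse01\Downloads\invoice.exe'

# AppLocker only enforces while the Application Identity service runs. Apply the
# policy locally (use -Ldap to write it into a domain GPO instead), then review
# event ID 8003 ("would have been blocked") in the AppLocker log before changing
# EnforcementMode to "Enabled".
sc.exe config appidsvc start= auto
Start-Service -Name AppIDSvc
Set-AppLockerPolicy -XmlPolicy $policyPath -Merge
Get-WinEvent -LogName 'Microsoft-Windows-AppLocker/EXE and DLL' -MaxEvents 50 -ErrorAction SilentlyContinue |
    Where-Object Id -eq 8003 |
    Select-Object TimeCreated, Message
```

The deny rules for Downloads and Temp are redundant with the implicit default deny, but they make the intent of item 6 visible in the policy and give a clear audit trail. The Windows rule carries an exception for %WINDIR%\Temp because that folder is writable by standard users; extend the exception list to any other writable subfolder you find in your build.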

Even using just a few of these strategies can decrease your organization’s risk of being victimized by malware.

Email awareness

Email scams are the most popular techniques to infect networks with ransomware. A report from PhishMe estimates that 93% of all phishing emails contain ransomware, so it’s important to train clinicians and other hospital staff about how to handle spam emails.

It’s also critical for IT to secure your email communications by filtering content and blocking attachments. If employees receive fewer spam emails, the likelihood of a successful ransomware attack is reduced. And many attacks are delivered as executable attachments, so blocking certain file extensions from reaching inboxes cuts down on your risk.
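As an added example (not from the article or from PhishMe), the two Exchange transport rules below block executable attachments at the mail gateway as the paragraph above recommends. They assume an Exchange Management Shell or Exchange Online PowerShell session; the rule names, extension list and rejection text are choices to adapt to your environment.

```powershell
# Added example: block executable attachments arriving from outside the organization.
# Assumes a connected Exchange (on-premises or Online) PowerShell session.

# Extensions commonly used to deliver ransomware droppers. Adjust to your needs;
# anything your clinicians legitimately receive (e.g. .msi from a vendor) should
# go through a controlled channel instead of email.
$blockedExtensions = @('exe','scr','pif','com','bat','cmd','js','jse',
                       'vbs','vbe','wsf','wsh','hta','ps1','jar','msi')

# Rule 1: reject by extension so the sender gets a clear bounce instead of silence.
New-TransportRule -Name 'Block executable attachments from the Internet' `
    -FromScope NotInOrganization `
    -AttachmentExtensionMatchesWords $blockedExtensions `
    -RejectMessageReasonText 'Executable attachments are not accepted. Contact the IT service desk if this file was expected.' `
    -RejectMessageEnhancedStatusCode '5.7.1'

# Rule 2: catch executables that were renamed to dodge rule 1. Exchange inspects
# the attachment's content type rather than trusting its extension.
New-TransportRule -Name 'Block attachments with executable content' `
    -FromScope NotInOrganization `
    -AttachmentHasExecutableContent $true `
    -RejectMessageReasonText 'This message contained executable content and was rejected.' `
    -RejectMessageEnhancedStatusCode '5.7.1'

# Confirm both rules are enabled and see their evaluation order.
Get-TransportRule | Format-Table Name, State, Priority
```

To stage the change, create the rules with -Mode Audit first so matches are logged without rejecting mail, then switch to enforcement once the message trace shows no legitimate traffic being caught.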

Your hospital must safeguard important information for your patients, so it’s essential to do what you can to lower the chances of a major cyberattack hitting your facility.
