Threat actors have ramped up their attempts to pollute the IT networks of hospitals with ransomware even as the COVID-19 pandemic continues, according to the recent findings of INTERPOL.
The adverse outcome of such an incursion is not restricted to data damage or monetary damages to the organization. It also hinders quick medical response and has the potential to impact the physical well-being of the patients, making the situation a literal matter of life and death.
The following five tips can help healthcare institutions ensure that they are less susceptible to ransomware attacks:
- Education: Training users on how to identify and avoid potential ransomware attacks is crucial. As many of the current cyber-attacks start with a targeted email that does not even contain malware, but only a socially-engineered message that encourages the user to click on a malicious link, user education is often considered as one of the most important defenses an organization can deploy.
- Continuous data backups: Maintaining regular backups of data as a routine process is a very important practice to prevent losing data, and to be able to recover it in the event of corruption or disk hardware malfunction. Functional backups can also help healthcare organizations to recover from ransomware attacks.
- Patching: Patching is a critical component in defending against ransomware attacks as cyber-criminals will often look for the latest uncovered exploits in the patches made available and then target systems that are not yet patched. As such it is critical that organizations ensure that all systems have the latest patches applied to them as this reduces the number of potential vulnerabilities within the business for an attacker to exploit.
- Endpoint protections: Conventional signature-based anti-virus is a highly efficient solution for preventing known attacks and should definitely be implemented in any healthcare organization, as it protects against a majority of the malware attacks that a healthcare organization faces.
- Network protections: Advanced protections in the enterprise network such as Intrusion Prevention System (IPS), Network Anti-Virus and Anti-Bot are also crucial and efficient in preventing known attacks. Advanced technologies such as sandboxing have the capability to analyze new, unknown malware, execute in real-time, look for signs that it is malicious code and as a result block it and prevent it from infecting endpoints and spreading to other locations in the organization. As such, sandboxing is an important prevention mechanism that can protect against evasive or zero-day malware, and defend against many types of unknown attacks on the organization.
Follow IT News Africa on Twitter