You probably heard of the ransomware attack on the Hollywood Presbyterian Medical Center from last year. The hospital had to pay $17,000 in Bitcoin to regain access to its patient data. (And that’s just the beginning of the financial fallout from a healthcare cyber-attack) They found that the malware that encrypted their data entered their system through a word document attachment in an email labeled as an invoice that needed to be paid. After opening the document, the employee was asked for permission to run macros and that was when the network was breached. This is the calling card of a popular ransomware malware called Locky that was very popular for the first half of 2016, but has dropped off since.
That doesn’t mean you can forget about it, though.
Because even though Locky might not be as threatening as it used to be, you can bet that it’s delivery method has already been used again and will be used in the future.
So how do you defend against an attack that could come through a simple email attachment without losing access to legitimate emails? You can’t just rely on spam folders. The simple answer is to train anyone with access to a computer in your practice or organization to recognize the signs of cybercrime.
For example, if the employee who opened the Locky file at Hollywood Presbyterian knew not to enable macros, or consult an IT professional first, then they would’ve been saved a fortune. But some healthcare providers are too large to reliably educate every employee and cybercriminals are always adding new twists to their tricks so education isn’t a perfect option for many healthcare organizations.
So are they doomed to live in terror for the foreseeable future?
One Israel-based cybersecurity firm is saying no. Assuta Medical Centers is one of the largest private healthcare providers in all of Israel. They’re the type of organization that is too big to rely on employee training or spam folders to keep cybercriminals from launching ransomware out of email attachments, so when they received an email containing Locky what do you think happened? (Hint- Hollywood Presbyterian would be jealous.)
Thanks to Sasa Software’s Gate Scanner, the threat was eliminated before anyone could open it. Gate Scanner is like your average anti-virus scan or firewall on steroids. When an email is sent through the Gate Scanner, it first goes through a firewall. Next it is run through five different antivirus scan engines before being sent through another firewall and onto the recipient. According to Assuta the Gate Scanner has already stopped several strains of ransomware, which would explain why Sasa Software will be presenting it at the 2017 HIMSS Conference.
And it’s just in time too.
According to the Institute for Critical Infrastructure Technology Healthcare (ICIT) organizations receive the most cyber-attacks, but are the least prepared of any industry. But you don’t have to be a part of that majority. All it takes is a little time and focus. If you’re a part of a large healthcare organization, the Gate Scanner or a product like it may be an investment that will save you hundreds of thousands and even millions of dollars down the road.
If you’re a smaller practice or hospital it may not be the right solution for you. But the only way to find out is to dedicate time and focus to learning about current cyber threats and trends and then deciding what you need to prepare for and what that means for your practice or organization. According to the ICIT 75% of all organizations have had cyber security incidents, will you be ready when Locky or some other malware lands in your inbox?