Features Navigation

Live Chat (800) 825-0224 Live Demo

← Back

Increase in Threats to Healthcare Organizations from Ransomware

Uncategorized

Ransomware Threats Targeted at Healthcare Organizations

On Wednesday, October 28, 2020, the Cybersecurity & Infrastructure Security Agency (part of the United States Department of Homeland Security) issued an alert regarding “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers”. AdvancedMD takes this alert very seriously, and we would like to both reassure you of our continuous efforts to protect your data against ransomware threats and encourage you to take advantage of key features within the AdvancedMD platform to protect against ransomware and other attacks.

How AdvancedMD Protects Your Data

Because most ransomware attacks are initiated with successful phishing attacks, we employ industry standard anti-phishing technology to detect and eliminate likely phishing emails. In addition, we use phishing education software to train our employees on how to recognize phishing attacks. In the unlikely event that a phishing attack is successful, we employ 2-factor authentication (2FA) for our email and other key systems to ensure that compromised credentials cannot be used to gain access to sensitive systems or distribute ransomware.

In addition to protecting against phishing attacks, we are aware of other attack vectors, including exploitation of obsolete services like SMB v1, and continually scanning to ensure that no instances of those unsecure service are running in our corporate and production environments. We also have multiple layers of monitoring by internal and external experts, to identify any signs of ransomware within our networks.

How You Can Protect Your Data

When it comes to ransomware, as with so many other security threats, some of the most effective defenses are also among the easiest:

  • Use 2-factor authentication (multi-factor authentication, 2FA or MFA) wherever possible. In particular, we encourage all AdvancedMD customers to enable and use 2FA in AdvancedMD. It is very easy to set up and provides excellent protection against compromised passwords, which is often a part of phishing attacks like those that are also used to distribute ransomware. The User Management training video in the Video Training Library provides step-by-step instructions on how to enable and use 2FA.
  • Use good password etiquette: Where 2FA is not available, use long passwords and don’t reuse the same password for multiple accounts. In AdvancedMD, review the security settings in the Security section of the System Defaults screen.
  • Provide anti-phishing training to your staff. Ideally, you should use an anti-phishing training application like those found here. There are also free online resources available, like these free phishing quizzes from Google and OpenDNS.
  • HIPAA requires that covered entities protect patient data. Find more information and helpful hints in this document: HIPAA Basics for Providers: Privacy, Security and Breach Notification Rules.

Working together, we can minimize the threat from ransomware and other malicious attacks.



Topic: Uncategorized


Other Resources Related to This Topic


Uncategorized

AdvancedMD Winter Release 2021

In this recorded webinar, you can learn about the 2021 Winter Release of AdvancedMD. In...

Uncategorized

Grow Your PT Clinic without Growing Your Bottom Line

In this recorded webinar, we’ll explore four ways to impact patient satisfaction, grow your practice...

Uncategorized

Report Building 101: Visualizing Data in Charts & Graphs

Master the art of report building using AdvancedInsight to drive practice growth featuring Megan Lewis,...

“The money I have invested in AdvancedMD is miniscule compared to the return. I have never been more efficient – ever – in my professional life as I am now.”

Jed Shay, MD
The Pain Care Center

Read the story  ›

“[Our] patients are very well-educated and well-informed, and they want to see results quickly. The practice has to run extremely efficiently and be accessible to them. The nice thing about [AdvancedMD] is it has allowed me to be more efficient both in and out of the office. Now I don’t have to come back into the office, which is great for my family and everything else. It saves me a lot of time – probably an hour a day on the three days I work in the second office.”

Keith Berkowitz, MD
Center for Balanced Health

Read the story  ›

“The best thing I ever did in private practice was getting AdvancedMD—it has liberated me.”

Estaban Lavato, MD
La Loma Medical Center

“Having integrated practice management and EHR is absolutely wonderful, you don’t have to flip back and forth between systems—all of your information is at hand when needed.”

Raju Raval, MD

Read the story  ›