Ransomware Threats Targeted at Healthcare Organizations
On Wednesday, October 28, 2020, the Cybersecurity & Infrastructure Security Agency (part of the United States Department of Homeland Security) issued an alert regarding “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers”. AdvancedMD takes this alert very seriously, and we would like to both reassure you of our continuous efforts to protect your data against ransomware threats and encourage you to take advantage of key features within the AdvancedMD platform to protect against ransomware and other attacks.
How AdvancedMD Protects Your Data
Because most ransomware attacks are initiated with successful phishing attacks, we employ industry-standard anti-phishing technology to detect and eliminate likely phishing emails. In addition, we use phishing education software to train our employees on how to recognize phishing attacks. In the unlikely event that a phishing attack is successful, we employ 2-factor authentication (2FA) for our email and other key systems to ensure that compromised credentials cannot be used to gain access to sensitive systems or distribute ransomware.
In addition to protecting against phishing attacks, we are aware of other attack vectors, including exploitation of obsolete services like SMB v1, and we continually scan to ensure that no instances of those insecure services are running in our corporate and production environments. We also have multiple layers of monitoring by internal and external experts to identify any signs of ransomware within our networks.
How You Can Protect Your Data
When it comes to ransomware, as with so many other security threats, some of the most effective defenses are also among the easiest:
- Use 2-factor authentication (multi-factor authentication, 2FA or MFA) wherever possible. In particular, we encourage all AdvancedMD customers to enable and use 2FA in AdvancedMD. It is very easy to set up and provides excellent protection against compromised passwords, which are often a part of phishing attacks like those that are also used to distribute ransomware. The User Management training video in the Video Training Library provides step-by-step instructions on how to enable and use 2FA.
- Use good password etiquette: Where 2FA is not available, use long passwords and don’t reuse the same password for multiple accounts. In AdvancedMD, review the security settings in the Security section of the System Defaults screen.
- Provide anti-phishing training to your staff. Ideally, you should use an anti-phishing training application like those found here. There are also free online resources available, like these free phishing quizzes from Google and OpenDNS.
- HIPAA requires that covered entities protect patient data. Find more information and helpful hints in this document: HIPAA Basics for Providers: Privacy, Security and Breach Notification Rules.
Working together, we can minimize the threat from ransomware and other malicious attacks.