Features Navigation

Live Chat (800) 825-0224 Live Demo

← Back

Increase in Threats to Healthcare Organizations from Ransomware

Uncategorized

Ransomware Threats Targeted at Healthcare Organizations

On Wednesday, October 28, 2020, the Cybersecurity & Infrastructure Security Agency (part of the United States Department of Homeland Security) issued an alert regarding “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers”. AdvancedMD takes this alert very seriously, and we would like to both reassure you of our continuous efforts to protect your data against ransomware threats and encourage you to take advantage of key features within the AdvancedMD platform to protect against ransomware and other attacks.

How AdvancedMD Protects Your Data

Because most ransomware attacks are initiated with successful phishing attacks, we employ industry standard anti-phishing technology to detect and eliminate likely phishing emails. In addition, we use phishing education software to train our employees on how to recognize phishing attacks. In the unlikely event that a phishing attack is successful, we employ 2-factor authentication (2FA) for our email and other key systems to ensure that compromised credentials cannot be used to gain access to sensitive systems or distribute ransomware.

In addition to protecting against phishing attacks, we are aware of other attack vectors, including exploitation of obsolete services like SMB v1, and continually scanning to ensure that no instances of those unsecure service are running in our corporate and production environments. We also have multiple layers of monitoring by internal and external experts, to identify any signs of ransomware within our networks.

How You Can Protect Your Data

When it comes to ransomware, as with so many other security threats, some of the most effective defenses are also among the easiest:

  • Use 2-factor authentication (multi-factor authentication, 2FA or MFA) wherever possible. In particular, we encourage all AdvancedMD customers to enable and use 2FA in AdvancedMD. It is very easy to set up and provides excellent protection against compromised passwords, which is often a part of phishing attacks like those that are also used to distribute ransomware. The User Management training video in the Video Training Library provides step-by-step instructions on how to enable and use 2FA.
  • Use good password etiquette: Where 2FA is not available, use long passwords and don’t reuse the same password for multiple accounts. In AdvancedMD, review the security settings in the Security section of the System Defaults screen.
  • Provide anti-phishing training to your staff. Ideally, you should use an anti-phishing training application like those found here. There are also free online resources available, like these free phishing quizzes from Google and OpenDNS.
  • HIPAA requires that covered entities protect patient data. Find more information and helpful hints in this document: HIPAA Basics for Providers: Privacy, Security and Breach Notification Rules.

Working together, we can minimize the threat from ransomware and other malicious attacks.



Topic: Uncategorized


Other Resources Related to This Topic


Uncategorized

Making Light Work of Practice Metrics with AdvancedInsight

The need to measure practice metrics has never been greater. AdvancedInsight, the AdvancedMD answer to...

Uncategorized

AdvancedMD 2020 Fall Release

We are excited to announce the Fall Release of AdvancedMD. For this release and throughout...

Uncategorized

AdvancedMD 2020 Summer Release

We are excited to give you a sneak peek of the Summer ’20 release for...

“The money I have invested in AdvancedMD is miniscule compared to the return. I have never been more efficient – ever – in my professional life as I am now.”

Jed Shay, MD
The Pain Care Center

Read the story  ›

“[Our] patients are very well-educated and well-informed, and they want to see results quickly. The practice has to run extremely efficiently and be accessible to them. The nice thing about [AdvancedMD] is it has allowed me to be more efficient both in and out of the office. Now I don’t have to come back into the office, which is great for my family and everything else. It saves me a lot of time – probably an hour a day on the three days I work in the second office.”

Keith Berkowitz, MD
Center for Balanced Health

Read the story  ›

“The best thing I ever did in private practice was getting AdvancedMD—it has liberated me.”

Estaban Lavato, MD
La Loma Medical Center

“Having integrated practice management and EHR is absolutely wonderful, you don’t have to flip back and forth between systems—all of your information is at hand when needed.”

Raju Raval, MD

Read the story  ›