Get Live Chat Request a Callback Get live demo

← Back

Increase in Threats to Healthcare Organizations from Ransomware


Ransomware Threats Targeted at Healthcare Organizations

On Wednesday, October 28, 2020, the Cybersecurity & Infrastructure Security Agency (part of the United States Department of Homeland Security) issued an alert regarding “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers”. AdvancedMD takes this alert very seriously, and we would like to both reassure you of our continuous efforts to protect your data against ransomware threats and encourage you to take advantage of key features within the AdvancedMD platform to protect against ransomware and other attacks.

How AdvancedMD Protects Your Data

Because most ransomware attacks are initiated with successful phishing attacks, we employ industry standard anti-phishing technology to detect and eliminate likely phishing emails. In addition, we use phishing education software to train our employees on how to recognize phishing attacks. In the unlikely event that a phishing attack is successful, we employ 2-factor authentication (2FA) for our email and other key systems to ensure that compromised credentials cannot be used to gain access to sensitive systems or distribute ransomware.

In addition to protecting against phishing attacks, we are aware of other attack vectors, including exploitation of obsolete services like SMB v1, and continually scanning to ensure that no instances of those unsecure service are running in our corporate and production environments. We also have multiple layers of monitoring by internal and external experts, to identify any signs of ransomware within our networks.

How You Can Protect Your Data

When it comes to ransomware, as with so many other security threats, some of the most effective defenses are also among the easiest:

  • Use 2-factor authentication (multi-factor authentication, 2FA or MFA) wherever possible. In particular, we encourage all AdvancedMD customers to enable and use 2FA in AdvancedMD. It is very easy to set up and provides excellent protection against compromised passwords, which is often a part of phishing attacks like those that are also used to distribute ransomware. The User Management training video in the Video Training Library provides step-by-step instructions on how to enable and use 2FA.
  • Use good password etiquette: Where 2FA is not available, use long passwords and don’t reuse the same password for multiple accounts. In AdvancedMD, review the security settings in the Security section of the System Defaults screen.
  • Provide anti-phishing training to your staff. Ideally, you should use an anti-phishing training application like those found here. There are also free online resources available, like these free phishing quizzes from Google and OpenDNS.
  • HIPAA requires that covered entities protect patient data. Find more information and helpful hints in this document: HIPAA Basics for Providers: Privacy, Security and Breach Notification Rules.

Working together, we can minimize the threat from ransomware and other malicious attacks.

Topic: Uncategorized

Other Resources Related to This Topic


2023 Fall Release On-Demand Webinar

We’re excited to share the new features and many enhancements to our practice management, EHR,...


What You Should Know About Medicaid Redetermination

In this recorded webinar you’ll learn how to redetermine the eligibility of your client’s Medicaid...


Experts answer your HIPAA compliance and 405(d) questions

In this recorded webinar, we’ll highlight changes to HIPAA regulations and highlight best cybersecurity practices....

“The money I have invested in AdvancedMD is miniscule compared to the return. I have never been more efficient – ever – in my professional life as I am now.”

Jed Shay, MD
The Pain Care Center

Read the story  ›

“[Our] patients are very well-educated and well-informed, and they want to see results quickly. The practice has to run extremely efficiently and be accessible to them. The nice thing about [AdvancedMD] is it has allowed me to be more efficient both in and out of the office. Now I don’t have to come back into the office, which is great for my family and everything else. It saves me a lot of time – probably an hour a day on the three days I work in the second office.”

Keith Berkowitz, MD
Center for Balanced Health

Read the story  ›
Estaban Lavato, MD - La Loma Medical Center

“The best thing I ever did in private practice was getting AdvancedMD—it has liberated me.”

Estaban Lavato, MD
La Loma Medical Center

“Having integrated practice management and EHR is absolutely wonderful, you don’t have to flip back and forth between systems—all of your information is at hand when needed.”

Raju Raval, MD

Read the story  ›