
Healthcare ransomware – you don’t have to be the victim
Yet another ransomware attack has hit the news – this one notable for a number of reasons. One was the extent of the attack, another was how it disrupted the impacted healthcare organization, but probably the biggest part of the story was how a lot of this could have been avoided.
The victim was Austin Urology, and because of the number of impacted individuals, it wound up in the #2 spot on the Department of Health and Human Services' Office for Civil Rights "wall of shame" website. This is because over 260,000 individuals were potentially impacted.
As soon as Austin spotted the breach, they began remediation and also contacted their attorneys. They notified all impacted customers and offered a year’s free credit monitoring – something that appears to be almost standard practice in these cases.
Did they pay a ransom? No. Why not? Because they had a backup. Within a day, Austin Urology had restored all of the encrypted files to their originals, and because the breach occurred on a Sunday – i.e., not during business hours – they essentially lost nothing.
But I think the larger part of the story – or at least something every company facing ransomware (which means everybody) needs to understand – is that the impact didn’t have to be that bad.
Most healthcare organizations have a need to keep patients’ records long after their care has ended; insurance, follow-ups, a number of reasons dictate keeping this information. The key takeaway, though, is that it ought to be kept offline, i.e. still in backups but not always connected to their networks. Austin’s number of active patients was a fraction of the 260,000+ contained in their entire database – yet the full database was actively connected to their network.
In the new scheme of things, it probably makes a lot of sense for IT not only to have a good data backup, but also to have a backup strategy, so that while everything is properly backed up, not everything is readily available to a network that’s under attack.

If you'd like to get in touch with Rich, you can connect with him on LinkedIn and follow him on Twitter.
You can email Rich at rturner@barracuda.com.
