By Stan Shaw, Founder, CTS
An update to Part 5 of our series on Best Practices
A few months ago, we wrote an article on Ransomware: ten ways you can help protect your clinic . Since then, the Doctors Technology Office (DTO), at Doctors of BC, has published a brief indicating there has been an increase in reports from doctors about attacks by ransomware.
We agree with the DTO’s statement in their accompanying technical bulletin called “Ransomware – What should I do?“, “It’s spreading like the plague. Healthcare organizations must know that they ARE a target and will be attacked”.
Furthermore, the DTO indicated, quite rightly, that antivirus software does not provide sufficient protection from ransomware. The best practices we’ve published above, and the DTO’s technical bulletin, provide some helpful measures to assist in preventing some of the most common ways clinics may be hit with ransomware.
What we have been observing since our first report is that ransomware and malware tools are rapidly evolving to trick users into installing it onto their computers. And attacks are becoming increasingly sophisticated. For example,
Since our last “best practices” post was published, we have noticed it seems a number of clinicians and even some IT technical support staff have mistaken ideas about the threat of ransomware in medical and dental clinics. Here are some examples.
“I don’t keep my electronic medical records (EMR) data on my Windows laptop. It is stored on a Linux server, so if ransomware hits my computer, it won’t be affected”. Simple answer, no, that’s not correct.
“If ransomware hits my computer, I have other computers that I can use until I get my laptop back”. Don’t depend on this. Some types of ransomware can propagate across a network. And besides, if your clinic is unfortunate enough to experience it, you will be immediately affected, without warning. Do you really want to have to deal with this problem when you have a waiting room full of patients?
“If I am hit with ransomware, I’ll simply recover my data from backups” We agree, backups are essential to recover from an attack. But only if backups are done right.
“If ransomware strikes, I’ll pay the ransom to get my files back.” That, of course, is your decision, and with respect to some forms of ransomware, the FBI has actually recommended this. But just know that:
The impact: Ransomware may do more than just lock you out from using your laptop or desktop computer. Once it gets a foothold in your clinic, it can be difficult and costly to eradicate. The threat to clinic business continuity and protecting patient personal health information is considerable. Understanding the specific risks your clinic may have at this time is a vital first step towards taking proactive measures to mitigate them and ensuring you have well-tested procedures to quickly recover if needed.
The bottom line: Please take the threat of ransomware in your clinic seriously. Make sure you have tested, proactive measures in place to mitigate risks before ransomware hits.