Why are Hospitals Falling to Ransomware?

If you’ve been keeping an eye on the news you’ve probably seen at least a couple national headlines about huge, well-known hospitals getting attacked with ransomware. Two things about this are troubling for anyone who works for a healthcare organization. One is that these mega hospitals should have advanced security measures that far surpass anything smaller hospitals can utilize, and the second is that hackers seem to be picking on specifically hospitals.

To address the second concern first, that is simply because the data and information that hospitals have is very valuable and hackers know hospitals will pay whatever they can to get that data back. Losing confidential patient information due to a hack can bankrupt any healthcare facility.

However, just because giant hospitals have fallen prey to this attack doesn’t mean it wasn’t because they were failing to do very fundamental cyber security practices that businesses of any size should be doing. Here are a few easy things you need to make sure your facility is doing to make sure ransomware never becomes an issue you’ll have to face.

The Cyber Security Checklist

First off, make sure you have external email filtering that’s more involved than the standard spam filter your email comes with. Ransomware and phishing emails can slip through the cracks, and all it takes is one staffer to subject the entire company to a virus. This brings us to our second item…

Educate your employees on the threats that could lead to a ransomware attack! It could be a phony email from a CEO, a fake website set up to look like a gambling site or ESPN’s front page, or it could be secretly bundled with a shady software. Make sure your employees use work computers strictly for work and that they know how to spot a malicious email, and the chances of ransomware happening to you goes down practically to zero.

Data encryption, along with two-factor authentication, are absolutely necessary if you want to make sure nothing on your systems fall into the wrong hands. If you are a healthcare business with access to a lot of peoples’ confidential records and information, this is obviously a major priority of yours.

Two-factor authentication means that if a computer or application account, like an email account, is logged into from a device it’s not used to being accessed from, a code will be sent to another device that will need to be punched in before logging them in. For example, if a hacker tries to log into your email from their laptop and you have two-factor authentication set up on your phone, they would need to physically have your phone as well to see the code and log in.

As long as these three things are check off, the chances that you will be infected with ransomware, or any other malware, drops dramatically. It seems simple, but it could mean the difference between staying in business or losing everything!

For more information on how a cloud provider can help you prevent ransomware and other malicious forms of cyber attack, check out the TOSS C3 website or call us anytime at 1-888-884-8677.