HITInfrastructure

Security News

Network Segregation Is Best Way to Thwart Ransomware Attacks

Network segregation is the most important step a healthcare organization can take to thwart ransomware attacks, commented Kaspersky Lab Senior Security Researcher Brian Bartholomew.

network security

Source: Thinkstock

By Fred Donovan

- Network segregation is the most important step a healthcare organization can take to thwart ransomware attacks, commented Kaspersky Lab Senior Security Researcher Brian Bartholomew.

“Anything critical should not be directly connected to the internet,” Bartholomew stressed in a new Kaspersky Lab report Cyber Pulse: The State of Cybersecurity in Healthcare.

In addition, healthcare organizations should have a complete backup and recovery plan in place, install antivirus software on endpoints, and train employees about ransomware.

“Teaching the users what ransomware looks like, what it does, and how to handle an incident can mean the difference between one system going down or all of them,” Bartholomew said.

The report recommended that healthcare IT security teams adopt the following security best practices to prevent ransomware attacks from succeeding:

  • Update regularly computer operating systems on the network to the latest version
  • Use security products with dedicated anti-ransomware technologies
  • Make regular backups of important information and keep several copies in different locations
  • Maintain control over the network by restricting access to information to only employees that need it
  • Don’t pay the ransom
  • Raise awareness about modern cyber threats through trainings and reminders of security protocols

Kaspersky Lab advised healthcare organizations to adopt a risk-based security strategy rather than a compliance-driven strategy.

“Having antivirus software installed is good, but a multilayered approach to security is often necessary to fully protect an organization’s environment. A security driven, multilayered approach would include endpoint security, but add proactive risk assessments and response, active monitoring and analysis of a network in a security operations center (SOC), threat intelligence, and more,” the report related.

A risk-based security strategy requires cooperation between IT staff and business leaders to prioritize cybersecurity and manage the risk.

“This means investing in the design of a program that includes solutions and services that best fit the organization’s needs, meets compliance guidelines as well as teaches employees about cybersecurity so that it is strong enough to fight off potential attackers,” the report commented.

Kaspersky estimated that malware attacks, such as ransomware, can cost companies an average of $1.2 million.

The report also included results from a survey of 1,758 healthcare employees conducted by Opinion Matters on behalf of Kaspersky. These employees worked at North American healthcare organizations of all sizes and in a variety of roles, including doctors, surgeons, IT staff, and administrative staff.

More than one-quarter of healthcare IT employees surveyed admit they are aware of ransomware attacks to their employer within the past year.

Seventy-one percent of respondents said that they care about having cybersecurity measures in place at their organization to protect patients.

Only 23 percent of respondents said they had confidence in their organization’s cybersecurity strategy for 2019. That percent jump to 50 percent for health IT teams were polled.

Encouragingly, three-quarters of respondents said they would report a suspicious email to their IT team, but 17 percent of respondents would do nothing. “This proves that there is still some confusion when it comes to what to do in this type of situation,” the report noted.

“I think after some of these attacks have happened, awareness of the impact has increased at the top levels and things are finally being done to help mitigate the threats,” commented Bartholomew.

The report related that the WannaCry ransomware, while no longer making big headlines, is still a threat, affecting around 75,000 users as of the third quarter of 2018.

“I believe ransomware attacks are probably the largest immediate threat since, if we’re talking about hospitals or patient care facilities for instance, availability of equipment is critical to their function. Having machines rendered useless can severely impact a facility’s ability to care for patients,” Bartholomew observed.

X

Sign up for our free newsletter covering the latest IT technology for Hospitals:

Our privacy policy


no, thanks

Continue to site...