When you are in the business of keeping people healthy, and saving lives, it's imperative that you do everything imaginable to protect systems against various security threats - because a breach could literally be life threatening. Unfortunately for some hospitals recently, this nightmare became a reality thanks to a ransomware attack.
British Hospitals Forced to Close
A ransomware attack forced shutdown of systems at the end of October in Great Britain. Three hospitals suffered a malware attack infecting the Northern Lincolnshire and Goole NHS Foundation Trust, commonly referred to as NLAG by locals. The almost complete shutdown lead to canceling around 2800 routine patient operations for several days.
The almost complete shutdown lead to canceling around 2800 routine patient operations for several days.
What happened was that computer systems were infected with a variation of the Globe ransomware, which encrypts victim files using a blowfish cryptographic algorithm. Additionally, it deletes shadow volume copies on the PC, which are backups of your files so that you have the ability to recover your computer to an earlier version if necessary.
The way that NLAG was hit is still being investigated. It would be due to a malicious email or through a drive-by-download from when someone from within the organization visited a “booby-trapped” website. This human error entry point for malicious attacks is more common in organizations than you think - but thankfully there are free tests you can apply for online for this specific weakness.
The disruption was serious. Even though the Trust was able to get most of their systems up and running within 48 hours of the attack, 2800 appointments were canceled because of the disruption. No long-term damage was done to the systems, though the patient operations caused a significant amount of negative publicity within the media, and caused a number of patients to become disgruntled.
What is Ransomware?
Ransomware is one of the latest forms of malware where a computer hacker essentially encrypts your system and the files within and holds them hostage in exchange for ransom. If you don't pay the ransom, then all would be lost. The actual ransom amount can vary for every attack, and the payment is often done through Bitcoin so that it's untraceable to the person who is behind it all.
The biggest problem with ransomware is that companies feel that they have no recourse except to pay. This incentivizes the criminals to launch more ransom attacks because they get paid. Their job is done, and they are making money by terrorizing various companies across many industries. This is bad news for companies because it demonstrates that there is no end in sight.
What Can Be Done?
The case study of what happened in Britain is demonstrative that there is a big problem. As an allied health service company, or any other company for that matter, you have to have the protection in place to avoid any kind of ransomware attack.
One of the best options available to you is cloud computing. The number of ransomware attacks is on the rise, particularly across the UK, where it seems as though they are the testing ground for various computer criminals to explore ransomware. As such, it is the number one problem plaguing the UK – and it's becoming more of a problem across the globe as well.
As such, it is the number one problem plaguing the UK – and it's becoming more of a problem across the globe as well.
The cloud provides a significant amount of defense. With cloud backup and disaster recovery, you have the ability to have additional backup that is not directly connected to your local network. You will limit the vulnerability of the threats, and your backup takes place on a daily basis. Further, you have a disaster recovery failover plan so that if your IT systems do get locked, you won't be required to pay in order to see your data once again.
As discussed in the above case study, one of the main reasons why they were forced to pay is because their shadow volume copies were deleted. They had no other backup, which is why it can take companies longer to restore their systems and get back up and running. If all of the backup was located on the cloud, this wouldn't be so detrimental. It could be restored within minutes, which is what you need to have so that patient care can be your focus at all times.
You can take advantage of cloud-based services from the service provider where all of your data can be replicated. You can have two copies of everything – one on your network and one in the cloud. This way, if ransomware attacks your network, you have a duplicate copy in the cloud.
There is also advanced cloud security that includes intrusion detection, a host-based firewall, integrity monitoring, as well as a log inspection. It significantly reduces the likelihood of a computer hacker from being able to get into a virtual machine so that an attack never wreaks havoc from the very beginning. You can learn of an issue, shut down the network, or even find out the way a cyber criminal was planning on attacking.
Even if you think you have plenty of data security in place, cloud computing can help you to get the extra level of protection against cyber criminals. You never know when an employee is going to download a malicious attachment or click on an untrusted URL. For this reason, you have to be able to spot an attack quickly and ensure that you have a copy of your data in the cloud so you don't have to pay the ransom.