Based on the data from the first nine months of 2016, the number of ransomware attacks this year will be four times higher than last year, according to a study from Beazley, a data breach response insurance company. Source: http://www.insurancejournal.com/news/national/2016/10/26/430541.htm
Healthcare organizations are more and more the targets of malicious hacker attacks. Ransomware, a type of malware, is clearly one of the biggest threats the healthcare industry has had to face in years.
There are two types of ransomware: Type one locks the computer screen, whereas type two encrypts predetermined files. If it locks the computer screen, a full-screen image or notification will be displayed on the infected system’s screen and the system can’t be accessed any more. This notification usually shows the instructions as to how victims can pay the ransom to access their files. The second type of ransomware prevents access to critical or valuable files like documents and spreadsheets.
Wondering how ransomware can be downloaded onto your organization’s system? It’s easier than you might think. It can be downloaded when unknowingly visiting malicious websites, it can get into your system as a payload either dropped or downloaded by other malware, and it can also be delivered as attachments from spammed email, downloaded from malicious pages through malvertisements, or dropped by exploit kits onto vulnerable systems. The threatening possibilities are nearly endless. (Source: http://www.trendmicro.com/vinfo/us/security/definition/ransomware)
For healthcare providers, human error also presents a high risk, due to the amount of information shared between organizations. And if you think that data protection through password and user ID is enough, think again. Though this is a good starting point, it’s not sufficient. No matter how long or complex your password is, hackers are able to download something on your computer that records and reports your keystrokes. The moment you type in your user ID and password, cybercriminals will get your information.
Preventing cyber-security risks and protecting patients and their PHI data has become more pressing than ever before. The key to protecting your organization’s data? Simple and affordable, but strong solutions that identify risks without placing too many barriers in front of system users.
Our experience allows us to understand that privacy and security in health IT is more than just safeguarding data. It’s about identifying risks and protecting your healthcare organization’s infrastructure. Our experts agree that the only way to address cyber threats are practical solutions that are easy to implement, scalable, and cost-efficient. We have designed our Privacy&Security Solutions Toolkit as a simple and affordable monthly subscription service.
Protecting your organization’s sensitive patient data no longer is a choice, it is a necessity. Stop presuming that it won’t happen to you. If your healthcare organization has not established a Privacy and Security solution yet, don’t wait another day.