Sophos Intercept X Security

Be Prepared for Ransomware Because You Will Get Hit Eventually

It has happened again. Another hospital system has been attacked by a ransomware. A malicious software that locks down our systems, encrypts our files and will only release them once a fee has been paid. This time It’s MedStar Health in the Baltimore area. http://www.baltimoresun.com/health/bs-hs-medstar-computer-outage-20160328-story.html

Tennessee Orthopedic Alliance, Presbyterian Medical Center in Southern California, Kentucky Methodist Hospital, Chino Valley Medical Center and Desert Valley Hospital have all been in the headlines for ransomware attacks recently. Thousands of infections go unreported and the nefarious programmers who designed this are making serious money. One FBI agent is quoted during a cyber security conference as stating “the easiest thing may be to just pay the ransom… the ransomware is just that good.” –rrstar.com

As the CEO of a national IT firm, I’ve watched my team battle with the rise in virus and ransomware attacks over the past couple of years. I’ve even found myself standing in front of a teller at a national bank, transferring money into a total stranger’s account for an express bitcoin purchase to pay the ransom for a client who had no other choice. Trust me, the entire exercise is unnerving.  The reality is we do have a choice, but only before the infection. We have to educate, plan and protect to avoid falling into a situation where the only options left are to either sacrifice the data or pay these cyber thugs.

The primary point of entry for ransomware is through an unsuspecting employee who really thought there might be a FedEx tracking number attached to that email, or Amazon was truly rewarding them for being a loyal customer with a gift certificate. The lures are getting smarter and so should we. Sound the alarm.

Warn the team that we all have to be incredibly conscientious when opening emails. Unless you know the sender and you are expecting it, do not click on a download, link or attachment. If its suspicious, ask administration or your IT support to take a look. Additionally, we need appropriate security measures in place as well as a solid backup solution. Onsite backup strategies with multiple generations as well as offsite snapshots of our data is a must. No data that is important to us should be stored on individual machines that are not backed up. Centralize the files for simplified backup and security. Reevaluate your disaster and recovery safeguards to include contingencies for malicious software attacks. At the rate this epidemic is spreading, the question is not IF you will face this challenge, but WHEN will it happen.

Fortunately, 98% of our clients who have endured ransomware infections have been prepared. We were able to avoid paying the ransom by tracking down the installation, removing the threat and restoring valid data from backups. Pre-planning and strategic preparation is the only way to currently protect our businesses. We’ve helped hundreds of businesses, like yours to put these preparations in motion. If you have any concerns about how ready you might be for a ransomware infection or disaster of any kind, I invite you to schedule a call with one of our security specialists. We’d be happy to review your current strategy and help plug any holes we find.