BotNet News

The COVID-19 pandemic has heightened the threat of ransomware attacks on healthcare organizations and businesses of all kinds. Fortunately, hospitals can better prepare themselves for this new reality by appreciating the foes they now face and updating cybersecurity and enterprise risk management practices to correlate with the elevated threat level. They also need to communicate the nature and seriousness of the threat with staff, business partners, public policy organizations and law enforcement agencies to foster greater awareness.

Ransomware is malware that encrypts files or forces them to mine cryptocurrency (a process that requires expensive computing power) for attackers. Its goal is to force victims to pay a fee for the key to decrypt their files or return control of their systems and applications. Some variants of ransomware keep a data record of the private key for decryption, which is stored as a separate file or appended or prepended to existing files.

Once encrypted, the ransomware may even corrupt some files beyond repair, making them inaccessible. This is why it’s critical for any organization to back up important files outside the centralized network in a way that can be rolled out to impacted devices and networks if necessary.

Hospitals and their business partners should also develop a ransomware response plan with appropriate steps for detecting and responding to an incident. This should include an incident response team, documentation of the incident as it unfolds, communication with staff and other stakeholders, consultation with vendors, lawyers, insurance providers and law enforcement if needed.