Risk assessment: Expert tips for combating ransomware, identifying search results malware

Consider behavioral-based privilege, user monitoring and remember not all anti-virus software is protection enough.
By Bill Siwicki
10:06 AM
Share
combat malware

Ransomware can be devastating to a healthcare organization. The WannaCry and Petya attacks showed just how badly an attack can interrupt healthcare operations and endanger protected health information.

Cybersecurity experts who have been plowing through this era of nonstop attack attempts have learned a lot along the way. And some of those professionals are glad to share the lessons they've learned in order to help other healthcare organizations avoid a crippling attack.

[Also: Black Book: 84% of hospitals lack a dedicated security leader]

Here are seven useful tips to help weather this dangerous cybersecurity environment.

Keep your IT systems up to date. "Healthcare organizations should improve software currency," said Jim Routh, chief security officer at Aetna. "Track the inventory of software running on all devices, configure servers consistent to hardened security standards, update software regularly and patch vulnerabilities."

When buying antivirus tools, caveat emptor. Beware of viruses masquerading as virus protection, advised Penny Garbus, co-founder of Soaring Eagle Consulting, which specializes in cybersecurity and database management. "Do your research and make sure you're purchasing your virus protection from a reputable brand," she said. "Be careful of virus protection software that appears magically and tells you it detected a virus. If you don't recognize the brand, ignore the findings. That notification may be a virus itself."

[Also: AHIMA releases 17 steps to cybersecurity as attacks increase]

Stay on top of access management. Healthcare organizations also need to set up procedures and protocols for data access. It's important to make sure access to data is limited. "For example, the system administrator role should be handed out to a limited number of employees who should not share login information with each other," Garbus counseled. "Also, when an employee leaves, make sure their access is taken away and passwords changed."

Limit web availability. Routh at Aetna said that healthcare organizations should remove Internet access to the server message block protocol for internal devices. "And, reduce the number of privileged users; consider options for behavioral-based privilege user monitoring," he added.

Be careful about search results. "Sometimes a Google search itself makes you vulnerable," Garbus warned. "Don't download anything unless you know you are on the correct site. Criminal hackers now have very sophisticated strategies to get you to click and download their malware and can infect your environment very quickly."

Backup your data. Having backups of all important data is a must, the experts said. If information is backed up to an offsite location, an organization will not lose it to cyber kidnappers.

Ring in the new year with a new risk assessment. Healthcare organizations should review their security processes at least once a year, experts suggest.

Future-proofing security

Why cybersecurity is top of mind for forward-looking healthcare orgs.

Twitter: @SiwickiHealthIT
Email the writer: bill.siwicki@himssmedia.com