Is your business in the healthcare industry?
If so, be advised that recently, the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have issued a statement in conjunction with the Department of Health and Human Services warning of an "Increased and Imminent Cybercrime Threat."
According to the jointly released statement, the agency Directors warned that hackers around the world are specifically targeting companies in the healthcare industry with the Ryuk ransomware strain. They're warning IT professionals in the industry to be both watchful and even more vigilant than usual.
In addition to issuing a warning, the government agencies also spelled out a list of specific action steps your company can take to prepare for a Ryuk attack.
These things include the items you'd expect
- Making sure you've got the latest security patches installed for Windows and the other software you rely on
- NOTE: too often these patches are found not to have been updated in a timely fashion leaving clinics and hospitals wide open to breaches
- Reviewing your incident response plan, or if you don't yet have one, making one as quickly as possible, coming up with plans to redirect your patients in the event of a successful attack
- Making sure your backups are current
- Limiting personal email/employee education about email
One of the less obvious recommendations to come out of the advisory was that all devices connected to the network should be turned off when not in use, so that in the event of an attack, those devices at least, are spared.
Our perspective
In any case, there are three big, well-known, well-respected government agencies, all saying that these attacks are coming and are much more likely in the weeks and months ahead. With that in mind, be sure your staff is on high alert and that your network is as secure as you can reasonably make it, with contingency plans in place in case the worst happens. Stay vigilant out there.
~ As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there!" ~
By Denis Wilson and Melissa Stockwell
Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can find me on LinkedIn, Facebook, and Twitter.
I am also a published author and speaker in cloud computing and cybersecurity, working extensively with business and professional associations to provide small business technology education programs. Contact me if you would like me to speak at your association