On October 29, 2020 the Federal Bureau of Investigation (FBI), Department of Health and Human Services (HHS), and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory. The advisory warns the healthcare industry that it is being specifically targeted by ransomware attacks.
What is Ransomware and how does it affect my practice?
Ransomware is a type of malware that encrypts your data and holds it for ransom. In most industries you can restore from a backup and not worry too much, but in healthcare this is a HIPAA breach. Under HHS guidance, ransomware encrypting electronic protected health information is presumed to be a breach unless you can show, through a documented risk assessment, a low probability that the information was compromised. See the HHS/FBI fact sheet on ransomware and HIPAA for the details. Unfortunately, many IT companies won't be honest or upfront about this being a breach.
What can be done to help prevent this?
If you haven’t already, read our previous article about HIPAA. It talks about ways to prevent attacks like this.
You should make sure that Remote Desktop Protocol (RDP, TCP port 3389) is closed on your router: no port forwarding or inbound rule should expose it to the internet, and if staff need remote access it should go through a VPN with multi-factor authentication rather than directly to RDP. Configure your router to only allow DNS requests (port 53) out to the internet from your server, and point your workstations at that server for DNS. This way a malware-infected workstation cannot quietly resolve attacker domains through an outside resolver, and your server's DNS logs show what was looked up. You should always log in as a regular user, not as an administrator, so that malware you run by mistake does not get administrator rights. Have your IT provider block the domains and IP addresses listed in the advisory at the firewall and on the DNS server, and have them confirm from the outside (for example with a port scan of your public IP address) that RDP really is closed.
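Three of those recommendations (RDP closed, DNS only from the server, advisory indicators blocked) can be checked against the router or firewall logs you already have. The script below is an added example, not code from the original article or from the advisory; it assumes a simple constructed log line format, an assumed practice LAN of 192.168.10.0/24 with the server at 192.168.10.5, and a placeholder indicator set that you would replace with the IP addresses from the advisory.

```python
"""Audit router/firewall logs for three of the article's controls:
  1. inbound RDP (TCP/3389) that the router actually let into the LAN,
  2. DNS (port 53) leaving the LAN from anything other than the server,
  3. any contact with an indicator IP from the advisory.
Added example: not from the original page or the advisory. The log line
format, the addresses and the indicator list are assumptions/constructed."""
import ipaddress
import re

LAN = ipaddress.ip_network("192.168.10.0/24")       # assumed practice LAN
DNS_SERVER = ipaddress.ip_address("192.168.10.5")   # assumed internal server
# Placeholder indicator set (TEST-NET-3 address, constructed). Replace with
# the IP addresses published in the joint advisory.
BLOCKED_IPS = {ipaddress.ip_address("203.0.113.77")}

# Assumed log line shape (constructed, not a real vendor format):
#   <timestamp> <ALLOW|DENY> <TCP|UDP> <src>:<sport> -> <dst>:<dport>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) (?P<proto>TCP|UDP) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def parse_line(line):
    """Return a dict for a log line in the assumed format, or None if it
    does not match (unparseable lines are reported as None, never guessed)."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["src"] = ipaddress.ip_address(rec["src"])
    rec["dst"] = ipaddress.ip_address(rec["dst"])
    rec["sport"] = int(rec["sport"])
    rec["dport"] = int(rec["dport"])
    return rec


def audit(lines, lan=LAN, dns_server=DNS_SERVER, blocked=BLOCKED_IPS):
    """Return a list of (finding, log_line) pairs for the lines that violate
    one of the three controls. A line can produce more than one finding."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        src, dst = rec["src"], rec["dst"]
        inbound = src not in lan and dst in lan
        outbound = src in lan and dst not in lan
        # 1. RDP from the internet that the router allowed through.
        if (inbound and rec["proto"] == "TCP" and rec["dport"] == 3389
                and rec["action"] == "ALLOW"):
            findings.append(("rdp-exposed", line))
        # 2. DNS leaving the LAN from a host other than the server. A DENY is
        #    still reported: it shows a workstation configured to use an
        #    outside resolver instead of the server.
        if outbound and rec["dport"] == 53 and src != dns_server:
            findings.append(("dns-bypass", line))
        # 3. Any traffic to or from an advisory indicator, allowed or not.
        if dst in blocked or src in blocked:
            findings.append(("ioc-contact", line))
    return findings


# Constructed sample log for this example (198.51.100.0/24 is TEST-NET-2).
SAMPLE_LOG = [
    "2020-10-30T09:00:01 ALLOW TCP 198.51.100.23:51234 -> 192.168.10.20:3389",  # RDP exposed
    "2020-10-30T09:00:02 DENY TCP 198.51.100.23:51235 -> 192.168.10.20:3389",   # RDP blocked: fine
    "2020-10-30T09:00:03 ALLOW UDP 192.168.10.5:40001 -> 8.8.8.8:53",           # server doing DNS: fine
    "2020-10-30T09:00:04 ALLOW UDP 192.168.10.31:40002 -> 8.8.8.8:53",          # workstation bypassing server
    "2020-10-30T09:00:05 ALLOW TCP 192.168.10.31:40003 -> 203.0.113.77:443",    # contact with indicator
    "2020-10-30T09:00:06 ALLOW TCP 192.168.10.31:40004 -> 93.184.216.34:443",   # ordinary web traffic
]

if __name__ == "__main__":
    for kind, line in audit(SAMPLE_LOG):
        print(f"{kind:12s} {line}")
```

Run against the sample it reports the exposed RDP session, the workstation that went to 8.8.8.8 for DNS, and the connection to the placeholder indicator, and nothing for the other lines. Two caveats: the audit only sees what the router logs, so it confirms a problem but cannot prove its absence (an external port scan is still the way to prove RDP is closed), and indicator domains from the advisory are best blocked on the DNS server, where the lookup happens, rather than at the packet level.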
Another thing that all HIPAA-covered entities should consider is paying a third party to perform a penetration test of your network, to find weaknesses before an attacker does. This company should NOT be affiliated with your IT company, so that the results are independent, but your IT company should know the test is happening.