How to Avoid the Ransomware Trap

Healthcare data continues to be valuable on the black market. Cybersecurity risks have increased during COVID-19.


Ransomware is a huge risk to healthcare entities. In a typical ransomware attack, a bad actor encrypts or locks an entity’s data and demands money to restore access.

Most ransomware attacks start with a phishing email and a single download.

A recent ransomware attack on the University of California San Francisco began with a $3 million demand. The ransomware gang Netwalker was responsible.

Following negotiations with Netwalker, UCSF paid $1.14 million to unlock its data.

Netwalker’s website resembles a standard customer-service website. It has an FAQ tab, live chat, and a ‘free’ sample of software. The website also had a countdown timer showing when the gang would delete data or increase the ransom price.

UCSF ultimately decided to pay the ransom to protect their data.

So how do you protect your practice?

First and foremost, make sure that all of your security measures are compliant with HIPAA and up to date.

Next, it is essential that you train your employees. Phishing emails target employees and can look very legitimate.

If you need help updating your HIPAA Risk Assessment or training employees, contact your healthcare attorney.

Employees should be trained often on the risks of phishing and threats to your practice. It’s a good idea to send fake phishing emails to staff and provide follow-up training.
