Ransomware is nothing new and always top of mind for us, it’s dominating the IT Security world for the past two years. With two major attacks in quick succession – May’s catastrophic WannaCry attack followed up by June’s Petya attack – everyone is on high alert and looking for the best route to keep their organizations and end users safe.
The numbers don’t lie: 2016 saw four times as many ransomware attacks as previous years, and 2017 is already on a path to being even worse – some studies warning the number could double over 2016’s already astronomical number of attacks. Meanwhile, as ransomware is making headlines, data breaches continue to be a major concern, with new regulations on the horizon and the weight of the damage to reputation of a clinic or hospital as data breaches can cause.
While healthcare and financial services businesses are most frequently hit, no industry is immune: 92% of IT firms reported ransomware attacks on their clients. Despite these numbers, according to the FBI only one in four attacks are actually reported.
There’s a temptation to simply pay the ransom and move on, but the FBI also warns that 70% of businesses who paid the ransom were attacked again later!
What Veterinary Clinics and Hospitals Must Do
A great deal of industry chatter focuses on having dependable backups of your data, but getting ahead of the problem can save Veterinary business owners countless hours – prevention is better than recovery. One of the key culprits for WannaCry’s success was a vulnerability in Windows machines that Microsoft had already provided an update to close off. Patches had already been issued to protect against the exploits used in March of 2017, but unpatched machines or out of date, unsupported operating systems were still vulnerable.
Like disk encryption can prevent data breaches when an employee loses a laptop, specifically designed solutions to protect against ransomware can save the day for organizations of all sizes, and show. You must use a layered approach and review exactly how ransomware enters into an organization if it does occur! New solutions like our new Security platform caught WannaCry and Petya for any clinics and hospitals that that had implemented our product!
Of course, a dependable backup shouldn’t be neglected – it’s good practice not just for ransomware but all potential threats. Most important is to try and NEVER PAY THE RANSOM. If you have a solid backup plan and roll-back option is the plan vs paying the hackers to get your data back. With the right preparation and tools in place, you would NEVER have to pay the ransom. But again a layered approach is a must!
Human Error: The Largest Attack Vector
The bottom line: the end user (your employees) is still the biggest attack vector for hackers, particularly with the advanced social engineering techniques bad actors are using to fool users. Phishing emails have open rates most marketing departments would kill for, and that speaks to how well-crafted the messaging has become for these attacks. Educating your employees about what these malicious emails and messages are, what they look like, and how to spot the signs of a malicious email will help stop an attack at the source: the end user clicking an email, link, or file that will launch the ransomware. Solutions like our training program can provide phishing simulations and educate users who fall for these simulated attacks, helping increasing the security posture of end users so that they won’t fall for a real phishing attack when one inevitably arrives.
More and more ransomware doesn’t even require the end user to download an attachment, so it’s easier than ever to make a mistake – the more education you provide your end users, the safer your organization will be.
Veterinary clinics and hospitals can make life easier by managing the layered solutions under one umbrella. Endpoint, anti-ransomware, anti-exploit technology, and user education and training through one partner, one pane of glass, one management console. It’s challenging enough to prepare for the next attack – simplifying management of those solutions can help keep your clinic or hospital staff and try and stay ahead of the next threat. And with solutions like our Synchronized Security, endpoints and firewalls can work together automatically to keep threats at bay, while features like rollback and root cause analytics – available through our Antivirus/Antimalware solution – can lock down an attack, restore any damaged files, and help you and your staff analyze exactly what happens so you can plan for the future. Last, a centralized platform should allow for easier roll out of patches needed to assure the security gap is filled as soon as possible without the need to manually go around to each machine saving a boat load of time (i.e. patching all your machines with a click of a button)
Use the Contact Tab to reach and so you can learn more about our affordable platform and get a free 30 day trial and reports that can assist you gaining Insight into your possible security gaps you need to fill for your clinic or hospital. Or call Joe Axne the owner at 303-520-3733!