.
By CURTIS PARTRIDGE
When we think of business continuity or disaster recovery, disasters such as hurricanes or a structure fire come to mind. Though these do live top of mind due to the scale of the impact, businesses everyday are struck by more mundane, but just as destructive, disasters.
Recently a Central Florida surgery center had just such a disaster. Just after one o'clock in the afternoon one of the employees opened what appeared to be a harmless attachment in their email. No one noticed any issues with the network or files through the remainder of the afternoon. The office was closed for the next 3 days due to a long weekend. Upon returning to work the users noticed software operating correctly and files couldn't be opened. A scary message displayed on everyone's computer screen demanding payment to decipher their data.
A quick check by a remote IT tech confirmed the practice had been hit by ransomware. This fast-moving software had spread through the desktop computers and servers through the weekend. All their data was reduced to a jumbled mess of encrypted data.
Ransomware has been outpacing natural disaster for business data the past few years. Cybersecurity Ventures predicts that damage cost for just ransomware will exceed $5 billion in 2017. According to the Cisco 2017 Annual Cybersecurity Report, attacks are growing at a yearly rate of 350 percent. Business and organizations large and small are being hit by ransomware every day. Only the larger organizations such as the City of Atlanta or Hollywood Presbyterian Medical Center make the headlines, but businesses of all size are being attacked.
Criminals are targeting healthcare more than any other industry. According to Cylance in 2017 the industry suffered 34 percent of the attacks compared to the next sector which was manufacturing in 17 percent. Healthcare practices are data-driven enterprises and data protection is critical. Attackers are crafting specific attacks directed at this industry because they know they are more likely to pay. Reasons are to keep the practice operational as well as avoiding the embarrassment and liability of admitting to a data breach.
There are steps that a practice can take to protect themselves from ransomware. The least expensive and most effective to date is a good business continuity or data recovery system. These low-cost systems can take a snapshot of all your data, servers, and desktops as frequently as every few minutes. They can also detect ransomware and stop backup activity while alerting a technician to investigate. Importantly these systems can keep versions of data ranging from minutes to years to allow a roll-back to a time before the attack.
On the horizon information technology providers are beginning to test and implement cybersecurity systems that detect the ransomware attack and almost instantly begin an automated recovery of data. This eliminates the data recovery time of older systems that can take up to a few hours to a day or two to complete.
These preventive solutions are just a piece of the complete protection puzzle. Other items to consider are keeping systems up to date with current software patches, employee education regarding safe computer practices, anti-virus software, and network protection appliances such as firewalls with current software implementations. These systems must be proactively monitored and maintained on a near daily basis.
For more information
https://cybersecurityventures.com/ransomware-damage-report-2017-5-billion/
https://healthitsecurity.com/news/healthcare-industry-takes-brunt-of-ransomware-attacks
Curtis Partridge is a Senior Systems Engineer with Lotus Management Services, Inc., a provider of better solutions for small business IT in Florida.
Chat: lotusmserv.com/chat
