A 167% growth in ransomware attacks in one year – are you protected?

Even the best firewalls can’t prevent every single virus from sneaking into your organization. Ransomware sliding through in email attachments can attack an entire system if opened. The best, most highly developed security systems can’t yet guard against human error – or trusting employees. If they believe that emails are harmless and attachments can’t possibly be dangerous, a lack of cynicism can bring even the highest virtual fortress to its knees. That is why employees must be trained and given the right tools to help protect your organization from ransomware and deadly viruses. 

Modern Healthcare emphasized the fact that frequent training of employees can help to stave off ransomware attacks. Human beings are the most important variable in the IT system. “People are often the weakest link in protecting against an attack, but they are also one of the most important pieces of the solution,” wrote author Rachel Z. Arndt. “Hospital leaders who realize this have turned to employee training programs to reinforce their cybersecurity efforts, complementing technologies such as antivirus software with responsible behavior and vigilance.” 

Establish a culture of cybersecurity awareness.

Healthcare organizations need to implement more than just one employee training class or handout on cybersecurity; they need to establish an entire culture around it. A recent article in Healthcare IT Security says “It is not just physicians, clinicians, and other staff members who must understand how to maintain proper cyber hygiene. CIOs, CISOs, and the entire C-suite should also know how to spot potential threats and what the proper course of action should be to prevent data security issues.

The issue is so serious that the American Hospital Association has launched a series of free training programs on managing healthcare cybersecurity. The sessions will prepare administrators for phishing attacks, cloud security threats, ransomware and data breaches created unintentionally by employees. 

Together, these types of training programs can teach administrators and front line employees to be cyber-vigilant. Education can retrain the eyes of hospital staff to see potentially suspicious incoming mail and begin to eliminate old assumptions and habits. Unfortunately, the health care workforce must learn to become more cynical when operating in the cyber theater to defend against privacy theft. 

Hospital administrators must know how to ask the right questions about organization wide cybersecurity: 

• What constitutes risk management in that arena? 
• How do we reduce our exposure?
  How do we protect patient information? 
• What is our incident response plan to cyber threats, breaches, and/or privacy theft? 

Employees must learn to be more diligent and less trusting. 

• Become relentless in the pursuit of cybersecurity. 
• Be tenacious in guarding against ransomware.
• Practice safe, new online habits. 

Lock the front door to prevent privacy theft.

There is another frontier that employees must protect and that is their working computer terminals. An open computer screen is an open door into the living, breathing IT system of a hospital and a high-value treasure trove for any cyber thief walking the halls of a hospital performing privacy theft. Healthcare information is being monetized in this new world. 

Granted, it is tiresome to repeatedly and frequently log in and out of computers. We estimate that each clinician makes 50 to 60 login and logout entries every day. That quickly creates security fatigue. Locking computer screens automatically is the very first step that organizations can take to ramp up their cybersecurity. While the internal IT system builds the cybersecurity fort, locking computer screens automatically pulls up the drawbridge. Privacy theft foiled by cyber security!

Protect against privacy theft with GateKeeper Enterprise.

Innovative technology like GateKeeper Enterprise eliminates the 50 to 60 mouse clicks needed before work can begin. It’s a wireless key that stores login/logout credentials with military-grade AES256 encryption. The user carries the key. When the key is in range, the GateKeeper software authenticates the user and logs in. When the key moves out of range, the GateKeeper software automatically locks the computer. No private information is stored on the key and credentials are never transmitted over the air – so private information can never be sniffed. GateKeeper contains advanced authentication for heightened security and meets compliance requirements. It’s implemented immediately on all computers on the patient floor. That’s a lockdown you can count on.

Ransomware isn’t going to disappear any time soon. If anything, it’s on the rise. Forbes reports that there were 638 million ransomware attacks in 2016, “…more than 167 times the number of attacks in 2015.” Along with best practices training, diligence and perseverance, we think locking the door to the castle is a smart first step. Everyone needs to know the rules of passwords. In conclusion, ransomware is getting worse and that’s what GateKeeper Enterprise for authentication helps to mitigate privacy theft incidents.