FBI Warns of Imminent Ransomware Attacks
October 29, 2020
The FBI has issued a Joint Cybersecurity Advisory with the U.S. Department of Health & Human Services (HHS) and the Cybersecurity & Infrastructure Security Agency (CISA), warning that the agencies have “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.”
The threat in question is a particularly nasty form of ransomware that can infect numerous systems across a network, encrypting all data and bringing an organization to its knees in pursuit of a hefty ransom. In response, the FBI, HHS and CISA are recommending that hospitals and healthcare systems implement numerous measures as soon as possible, including:
- Prepare to maintain continuity of operations if attacked (review your plans within the next 24 hours)
- Be prepared to reroute patients
- Ensure proper staffing for continuity
- Know how to contact federal authorities when phones are down, or email has been wiped
- Establish and practice out-of-band, non-Voice over Internet Protocol (VoIP), communications
- Rehearse IT lockdown protocol and process, including practicing backups
- Ensure backup of medical records, including electronic records, and have a 3-2-1 backup strategy – the rule calls for three copies of all critical data to be retained on at least 2 different types of media, with at least one of them stored offline
- Expedite patching response plan within 24 hours
- Check that your anti-virus and endpoint detection and response (EDR) are running; a stopped state may indicate compromise
- Power down (turn off) IT where not used
- Consider limiting use of personal email
ISMIE Mutual has long urged policyholders to follow cybersecurity best practices, and your policy includes top-notch cyber liability coverage to protect you in the event of a claim. But falling victim to a ransomware attack can still be enormously damaging to your practice and your finances, not to mention your patients whose data may be compromised.
To protect yourself, review the FBI advisory with your IT professionals. Our resource on cybersecurity also contains valuable information to help policyholders develop and implement policies and procedures that can protect you against attacks like this. Key points include making sure you have current encrypted backups of all critical data stored off-line or in separated networks, and having a well-rehearsed crisis response plan in case your systems (including email and VoIP-based phone systems) are compromised.
For more information, please contact us.