*Follow up April 4, 2016* I was really heartened to see this follow up story to the Medstar Hospital ransomware attack mention all the security steps we also urge the nonprofit community to take.
“Hospitals can take a variety of steps to safeguard against these kinds of attacks, like using HTTPS encryption, two-factor authentication and implementing file backups on a separate server. “For hospitals right now, backups of customer data on unconnected machines or machines in other networks is essential” …
– NPR “All Tech Considered” https://www.npr.org/sections/alltechconsidered/2016/04/01/472693703/malware-attacks-on-hospitals-put-patients-at-risk
Original Post:
Today, following our recent webinars and posts on the topic of cyber security, I’m reminded of vulnerabilities in an industry that holds extremely sensitive information but needs to seriously safeguard it.
If you need a refresher on basic security for staff and updates on threats you should be prepared for, you can find slides and recordings of our webinars here, and other relevant posts in our library.
A computer virus paralyzed some operations at (MedStar) Washington-area hospitals and doctors’ offices, leaving patients unable to book appointments and staff locked out of their email accounts. Some employees were required to turn off all computers since Monday morning.
A law enforcement official said the FBI was assessing whether the virus was so-called ransomware, in which hackers extort money in exchange for returning a victim’s systems to normal…
…Monday’s hacking at MedStar came one month after a Los Angeles hospital paid hackers $17,000 to regain control of its computer system, which hackers had seized with ransomware using an infected email attachment.
– PBS Newshour https://www.pbs.org/newshour/rundown/fbi-to-investigate-virus-behind-outage-at-medstar-health-facilities/