U.S. Warns of Increased Risk of Ransomware Attacks Targeting the Healthcare Industry

Dechert LLP
Contact

Dechert LLP

On October 28, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) issued a joint cybersecurity advisory (the Joint Cybersecurity Alert) to warn the healthcare sector that there is “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.”

The complete Joint Cybersecurity Alert provides specific details regarding this threat and can be found here.

Healthcare companies should be aware of the heightened risk of potential ransomware attacks targeting the sector. Below are some practical steps you can take right now to decrease the risk of attack and to be better prepared should your organization fall victim:

  • Review your cyber insurance coverage. Is it up to date and does it cover ransom?
  • Do you have a good incident response plan? If your company is still in WFH mode, be sure that all who may be activated in the event of an incident have a paper copy of the plan at home.
  • Do you have a way for senior management to communicate if your network systems are all down? We recommend setting up a secure texting app string before an attack occurs.
  • Have your employees been educated on how to detect (and report) phishing emails and the exponential increase in phishing attacks since March of 2020? Phishing emails have increased more than 35 times the normal rate during the COVID-19 pandemic.
  • Are your employees only accessing the network through approved devices and secure networks (with up-to-date anti-virus software and patches)?
  • Have you done trainings and table top exercises to prepare for a cybersecurity incident? We recommend taking this step now so that senior management develops muscle memory for what to do in an incident. The midst of a crisis is not the time for learning on the fly.

The Joint Cybersecurity Alert also includes a list of network security best practices that organizations in the healthcare sector may consider to mitigate risk. These include the following:

  • Patch operating systems, software, and firmware as soon as manufacturers release updates.
  • Check configurations for every operating system version to prevent issues from arising that local users are unable to fix due to having local administration disabled.
  • Regularly change passwords to network systems and accounts and avoid reusing passwords for different accounts.
  • Use multi-factor authentication (MFA) where possible.
  • Disable unused remote access/Remote Desktop Protocol (RDP) ports and monitor remote access/RDP logs.
  • Implement application and remote access restrictions to only allow systems to execute programs known and permitted by the established security policy.
  • Audit user accounts with administrative privileges and configure access controls with least privilege in mind.
  • Audit logs to ensure new accounts are legitimate.
  • Scan for open or listening ports and mediate those that are not needed.
  • Identify critical assets; create backups of these systems and house the backups offline from the network.
  • Implement network segmentation. Sensitive data should not reside on the same server and network segment as the email environment.
  • Set antivirus and anti-malware solutions to automatically update; conduct regular scans.

We recommend reviewing the Joint Cybersecurity Alert and evaluating your organization’s cybersecurity policies and programs in light of the potential cybersecurity threats that are identified in this Alert.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Dechert LLP | Attorney Advertising

Written by:

Dechert LLP
Contact
more
less

Dechert LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.