Cyber Insurer Offers Some Ransomware Insights

MedStar Health's 10 hospitals, and several other North American hospitals, have fallen prey to malware attacks in recent weeks.

The attacks, many involving ransomware, highlight why it's so important for healthcare organizations to take critical steps to avoid becoming the next victim, says technology expert Craig Musgrave of The Doctors Company, a provider of cyber insurance and medical liability coverage.

"The No. 1 issue is social engineering; it's the employee negligence," Musgrave says in an interview with Information Security Media Group. All healthcare organizations "should be providing training for all employees .... [because] over 80 percent of the attacks are made possible by human error where they'll click on a link or open an email attachment. If we can train the staff to avoid downloading [suspicious files] or bringing USB devices into the systems, then that's going to cut out a lot of the [ransomware] events that are happening."

But if an employee does make the mistake of clicking on an attachment that launches malware, healthcare organizations must take swift steps to mitigate the impact, he says.

"From the technical standpoint, the IT department needs to be making sure they have the appropriate controls in place around firewalls, application whitelisting and ... intrusion detection," he says.

"You need to be able to detect that something is going on very quickly so that you can stop it from spreading across the organization," Musgrave explains. "Once you're at that point where you can isolate [an infected] computer and take it off the network, then it gets down to how good are your backups, and can you restore systems as quick as possible."

Some hospitals have been able to recover from ransomware attacks without paying extortionists because they had well-prepared backups that enabled them to restore systems and data reasonably swiftly, he says. But other hospitals have had a more difficult struggle because the ransomware spread to main computer systems within the organization, making it more challenging to mitigate the attack, he says.

Hospital Attacks

In February, Hollywood Presbyterian Medical Center in California confirmed that it paid extortionists a $17,000 bitcoin ransom to unlock its data, which was maliciously encrypted by extortionists using ransomware.

But some other hospitals battling recent ransomware attacks, including Chino Valley Medical Center and Desert Valley Hospital in California, have confirmed that that they were able to recover from the attacks without paying ransoms.

DataBreachToday:

« German Police Catch Suspect in Global Cyber Crime Operation
The Delayed FinTech Revolution »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Serena

Serena

Serena Software helps increase speed of the software development lifecycle while enhancing security, compliance, and performance.

Altius IT

Altius IT

Altius IT reviews your website for security vulnerabilities and provides a report identifying vulnerabilities and recommendations to make secure.

MNCERT/CC

MNCERT/CC

MNCERT/CC is the national Computer Emergency Response Team for Mongolia.

ABB

ABB

ABB is a pioneering technology leader in industrial digitalization. Services include cyber security for industrial control systems IoT.

Netresec

Netresec

Netresec is an independent software vendor with focus on the network security field. We specialize in software for network forensics and analysis of network traffic.

United Security Providers

United Security Providers

United Security Providers is a leading specialist in information security, protecting IT infrastructures and applications for companies with high demands on security.

SecureAppbox

SecureAppbox

SecureAppbox provide solutions that protects the communication of sensitive data as well as advice on data security and compliance with GDPR.

Cansure

Cansure

Cansure is a leading insurance provider in Canada offering a broad range of property & casualty insurance solutions including Cyber & Data Breach insurance.

CloudOak

CloudOak

CloudOak is a cloud channel provider for hybrid cloud Backup as a Service (BaaS), Disaster Recovery as a Service (DRaaS) and Archiving to Small to Medium Business (SMB).

Cyber Security Jobs

Cyber Security Jobs

Cyber Security Jobs was formed to help job seekers find jobs and recruiters fill cyber security job vacancies.

Cyber Resilience

Cyber Resilience

Cyber Resilience offer an intensive program designed to help you create strategies to quickly become cyber resilient and to manage cyber risks in a measurable and predictable way.

CloudSphere

CloudSphere

CloudSphere’s flagship Cloud Governance Platform enables enterprises and cloud service providers to simplify and optimize cloud migration, management, and governance.

Security & Intelligence Division (SID) - Singapore

Security & Intelligence Division (SID) - Singapore

Security & Intelligence Division (SID) protects Singapore from external threats and safeguards its interests in areas related to terrorism, cyber security, other transnational threats, and geopolitics

SHI International

SHI International

SHI International deliver against your IT and business needs, helping you build strategies and solutions that will drive innovation, collaboration and security.

Keepit

Keepit

Keepit offer all-inclusive, secure, and reliable backup and recovery services for your data.

Metrodata Group

Metrodata Group

PT. Metrodata Electronics, known as Metrodata Group, is the leading information communication technology company in Indonesia.