This is a bad-news, good-news story from the healthcare industry. Every so often, we need a bit of optimism. A primary care eye clinic in Connecticut was the victim of a ransomware attack. Two servers were compromised in November; files containing protected patient information were encrypted and a ransom was demanded. That’s the obvious bad news. But there is a happy ending that can serve as a lesson to everyone about how to handle a ransomware situation.

The clinic of Dr. DeLuca Dr. Marciano & Associates, P.C. was the victim of this attack. Over 23,500 patient records were affected, and the breach was reported to the Department of Health and Human Services. However, the office was able to restore the records from backup and avoid paying the ransom, so everyone could get back to work quickly. That’s really great work by the IT team at this healthcare provider.

Maintaining current backups of all your important information is the most reliable way to recover from ransomware. Backups don’t stop the attack, but they make the ransom irrelevant. This applies regardless of what industry you’re in. The difference is how often you need them: your organization may only need to back up daily, while healthcare organizations, particularly those that deal in life-and-death situations such as hospitals, may need to back up far more often. The timing is up to each organization and its IT team, but doing it at all is essential these days.

In addition, keep those backups off the network if possible, and if they must be connected at all times, segment them from the operational systems and limit which accounts can write to them. Ransomware has now been found that also encrypts any backups it can reach, so keep that in mind when developing a backup strategy, and test that a restore actually works before you need it. A backup you have never restored from is only a hope.
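The following is an added example, not code from the clinic or from the original article, showing the check a practitioner would want after the warning above: a manifest of SHA-256 hashes taken when the backup was written, and a verification pass that reports files that have gone missing, files whose contents changed, the subset of changed files that now look like ciphertext (measured by byte entropy), and files that appeared out of nowhere, such as a ransom note. The manifest format, the sample file names and contents, the 7.5 bits-per-byte entropy threshold, and the stand-in “encryptor” are all assumptions constructed for the demonstration.

```python
"""Backup integrity check that detects backup files replaced by ciphertext.

Added example, not the clinic's or the article's code. Manifest format, sample
files, entropy threshold and the stand-in encryptor are assumptions for illustration.
"""
import hashlib
import math
import tempfile
from pathlib import Path

# Ciphertext is close to 8.0 bits/byte; text, CSV and most office files sit well below.
ENTROPY_THRESHOLD = 7.5  # assumed threshold


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large backup files do not have to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte of data (0.0 for empty or single-valued input)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def build_manifest(root: Path) -> dict:
    """Record the SHA-256 of every file under root.

    Keep the manifest with the offline copy, not on the backup share: a manifest
    the malware can rewrite alongside the files proves nothing.
    """
    return {str(p.relative_to(root)): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_backup(root: Path, manifest: dict) -> dict:
    """Compare the backup tree against a trusted manifest and return a report."""
    report = {"missing": [], "modified": [], "likely_encrypted": [], "unexpected": []}
    present = {str(p.relative_to(root)) for p in root.rglob("*") if p.is_file()}
    for rel, expected in manifest.items():
        path = root / rel
        if rel not in present:
            report["missing"].append(rel)
            continue
        if sha256_file(path) != expected:
            report["modified"].append(rel)
            # A changed file whose bytes look uniformly random was most likely encrypted.
            if shannon_entropy(path.read_bytes()) > ENTROPY_THRESHOLD:
                report["likely_encrypted"].append(rel)
    # Files absent from the manifest, e.g. a dropped ransom note.
    report["unexpected"] = sorted(present - manifest.keys())
    return report


def simulate_ransomware(path: Path, key: bytes) -> None:
    """Constructed stand-in for an encryptor (not real malware): XOR the file with a
    deterministic SHA-256 counter-mode keystream so the result has high entropy."""
    data = path.read_bytes()
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    path.write_bytes(bytes(out))


def demo() -> dict:
    """Write a constructed backup, snapshot it, let the stand-in encryptor reach it, verify."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "patients").mkdir()
        # Constructed sample backup content, not real patient data.
        (root / "patients" / "schedule.csv").write_text("date,patient_id,exam\n" * 200)
        (root / "patients" / "notes.txt").write_text("Routine exam, no findings.\n" * 200)
        (root / "readme.txt").write_text("Nightly backup of clinic file server.\n")
        manifest = build_manifest(root)
        clean = verify_backup(root, manifest)

        simulate_ransomware(root / "patients" / "schedule.csv", b"constructed-demo-key")
        (root / "patients" / "notes.txt").unlink()
        (root / "README_DECRYPT.txt").write_text("your files are encrypted\n")
        attacked = verify_backup(root, manifest)
        return {"clean": clean, "attacked": attacked}


if __name__ == "__main__":
    for label, report in demo().items():
        print(label, report)
```

Running the script yields an empty report for the untouched tree and, after the simulated attack, one missing file, one modified file that is also flagged as likely encrypted, and one unexpected file. The point of the entropy check is triage: on a backup set of thousands of files it separates “someone edited a spreadsheet” from “something rewrote the whole share as ciphertext”, which is the case where you stop trusting that copy and go to the offline one.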

It was not stated how the malware got into this network, but phishing is the most common entry point for ransomware, so it is the likely culprit here: someone clicked a malicious link or opened a malicious attachment that launched the ransomware. Treat every link and attachment in email with suspicion. If you don’t know the sender, are not expecting a link or attachment, or have even the tiniest inkling it isn’t safe, just don’t click it. It’s better to pick up the phone and call the sender to verify first.

And remember not to use contact information from the email itself. Use a phone number or address you already know or look up independently to make the contact.

Dr. DeLuca Dr. Marciano & Associates has contacted the potential victims and is offering free credit monitoring, although there is no indication that any patient information was accessed or misused.

These doctors deserve a big kudos for having a ransomware plan in place. It paid off for them, rather than for the criminals.


SOURCE: https://www.stickleyonsecurity...