Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ransomware Guidance For Health Centers

Published byRuby Merritt Modified over 6 years ago

Similar presentations

Presentation on theme: "Ransomware Guidance For Health Centers"— Presentation transcript:

1 Ransomware Guidance For Health Centers
Prevention and Mitigation Strategies Ransomware Guidance For Health Centers

2 Overview Introduction to Ransomware Problem Statement
Modes of transmission Potential Repercussions Prevention Methods Further Resources

3 Introduction Ransomware
Is a type of malware that takes control over a computer or computer system by encrypting all the data on the drive The data is then held at ransom until a predetermined cost is paid. Due to the use of cryptocurrencies (e.g., bitcoins) for payment it is difficult to track those demanding the ransom making it tough to prosecute

4 Problem A rapid increase in the computerization of health care organizations, many without the capacity to keep up to date with the extensive privacy and security measures required, has made them targets for cyber-criminals. In the last couple of years there have been numerous ransomware attacks that has held critical hospital data at ransom. Health Centers may be perceived as more vulnerable targets by cyber-criminals due to a potentially smaller IT staff and older set of IT infrastructure (e.g., operating systems without latest security updates).

5 Examples in the News Massive Locky ransomware attacks hit U.S. hospitals Security report - Nearly 90 percent of ransomware attacks target healthcare Virginia dermatologist hit by ransomware attack, records for 13,000 patients seized

6 Ransomware Transmission
s posing as legitimate business or tempting links Trojans acting as update requests Anti-Virus programs patches and updates Windows system updates False “You’ve got a virus” notifications Gaining access by exploiting known network or security softwarae vulnerabilities

7 Turn the Lights on Ransomware
This YouTube video provides an exciting ransomware re-enactment that helps explain how a ransomware incident occurs, common mistakes and methods for mitigation. It also includes a link to a Ransomware Readiness Assessment by the security vendor TrendMicro. Ransomware Readiness Assessment:

8 Ransomware in Action In this YouTube video security specialists show a live example of how ransomware moves through and encrypts a system’s files. YouTube video link:

9 Ransomware in the Cloud
Ransomware spreading via the cloud: Virlock another twist on cyber scourge

10 Repercussions Financial Legal Reputation
Ransoms through ransomware continue to grow in costs as ransomware methods become more sophisticated. Outside of the ransom, the cost due to downtime, recovery, and security maintenance can be considerable Legal Privacy and security negligence may constitute legal ramifications based on state and federal policies and regulations (e.g. HIPAA). Personal lawsuits may be leveled if there is perceived harm Reputation Ransomware events have become a hot topic and speak poorly of the victims regardless of the exact circumstances. Patient’s may be hesitant to initiate or reconsider care if they perceive that a provider is unsafe with their health data

11 Primary Prevention Methods
Employee Security Training and Awareness Educate staff on what ransomware is and common traps they might experience Instill and website suspicion. Help staff know what to look for and what to do if they find something suspicious Teach staff to not click on any links or files un-related to work and inform them of the possible consequences of these types of actions Test and educate: Send a false with a traceable link

12 Primary Prevention Methods
Backups Confirm that backup routines are actively deployed Confirm that backups can be effectively restored Anti-Virus programs Scan both inbound and outbound s regularly Authenticate inbound s Firewalls & Network Access Control Block access to known malicious IP addresses. Many are well documented. Provide concise configurations for access to files, directories and networks

13 Removal The following provides a preliminary list of videos with examples on how conduct specific types of ransomware removal: Depending on your vendor, as a preventive measure, you should request direct advisement on the processes required for removal of commonly known ransomware

14 WannaCry Ransomware Primary Systems Affected - Microsoft Windows operating systems Aliases - A ransomware variant, known as WannaCry, WCry, or Wanna Decryptor, was discovered May 12, 2017 Method - access gained to enterprise servers either through Remote Desktop Protocol (RDP) compromise or through the exploitation of a critical Windows SMB vulnerability. According to open sources, one possible infection vector is via phishing s. Prevention - Microsoft released a security update for the MS17-010 vulnerability on March 14, 2017. Further Information:

15 Further Ransomware Resources
U.S. Justice Department’s Protecting Your Networks from Ransomware: ONC’s Ransomware and HIPAA Fact Sheet: NSA’s Information Assurance Department’s Top 10 Information Assurance Mitigation Strategies: A Socio-Technical Approach to Preventing, Mitigating, and Recovering from Ransomware Attacks:

16 This project is supported by the Health Resources and Services Administration (HRSA) of the U.S. Department of Health and Human Services (HHS) Training and Technical Assistance National Cooperative Agreements under grant # U30CS29366 for $1,954,318. This information or content and conclusions are those of the author and should not be construed as the official position or policy of, nor should any endorsements be inferred by HRSA, HHS or the U.S. Government.

Download ppt "Ransomware Guidance For Health Centers"

Similar presentations

HIPAA Regulations What do you need to know?.

HIPAA Regulations What do you need to know?.
Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.

Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Information Security Technological Security Implementation and Privacy Protection.

Information Security Technological Security Implementation and Privacy Protection.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.

“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 7, 2015 DRAFT1.

Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 7, 2015 DRAFT1.
Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,

Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,
A Growing Threat Debbie Russ 1/28/2015. What is Ransomware? A type of malware which restricts access to the computer system that it infects, and demands.

A Growing Threat Debbie Russ 1/28/2015. What is Ransomware? A type of malware which restricts access to the computer system that it infects, and demands.
GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.

GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.
Lesson 9-Information Security Best Practices. Overview Understanding administrative security. Security project plans. Understanding technical security.

Lesson 9-Information Security Best Practices. Overview Understanding administrative security. Security project plans. Understanding technical security.
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.

Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
Financial Sector Cyber Attacks Malware Types & Remediation Best Practices

Financial Sector Cyber Attacks Malware Types & Remediation Best Practices
Security and Assurance in IT organization Name: Mai Hoang Nguyen Class: INFO 609 Professor: T. Rohm.

Security and Assurance in IT organization Name: Mai Hoang Nguyen Class: INFO 609 Professor: T. Rohm.
OESAI COMPREHENSIVE GENERAL INSURANCE TECHNICAL TRAINING.

OESAI COMPREHENSIVE GENERAL INSURANCE TECHNICAL TRAINING.

Similar presentations

Ads by Google