A ransomware attack against two locations of an Ohio-based hospital forced the hospital's IT department to take several computers offline. As a result, the two locations had to turn away numerous patients. Employees could only use paper charting, and the emergency room could only accept walk-in patients, so ambulances had to be rerouted to other hospitals.
The hospital had two levels of cybersecurity and was able to respond quickly to the ransomware attack, which limited the amount of damage caused by the attack. The hospital did not pay the demanded ransom because choosing that route could have led to system damage or permanent data loss. The hospital stated that the cybercriminals did not steal any patient data. Jake Doevan "Ransomware attacks Ohio hospitals leading to disabled networks" 2-spyware.com (Dec. 02, 2018).
Commentary and Checklist
Just like large organizations, family employers must have a plan for addressing a ransomware attack. Ransomware can easily shut down your family operations for days or even weeks if you are not prepared.
The United States Computer Emergency Readiness Team (US-CERT) recommends having security incident response and business continuity plans in place that you can turn to following a ransomware attack. It can take time for IT professionals to remove ransomware from your computers and restore your data. Having a plan for how you will function in the meantime means less loss of time and money.
If you do fall victim to a ransomware attack, immediately notify the authorities. Contact your local FBI or Secret Service field office.
There are several reasons why family employers should never pay a ransom as a solution to a ransomware attack, according to US-CERT. For one, cybercriminals are not trustworthy individuals. There is no guarantee that they will actually release your data if you pay them. Also, victims who pay may be asked to pay even more, or targeted with more cyberattacks, because cybercriminals now know that they are willing to be victimized. Finally, paying ransom demands encourages more cybercrime by making it a profitable venture.
For more information about ransomware, read US-CERT's Ransomware: What It Is and What To Do About It.
US-CERT recommends taking the following steps to protect yourself from lost time and money because of a ransomware attack:
- Back up all critical information and store it offline. Test your system to make sure you can revert to backups following an attack.
- Have cybersecurity experts conduct a cybersecurity risk analysis of your network.
- Train all staff on cybersecurity best practices. Keep this topic in the forefront of their minds by providing regular updates.
- Patch known system vulnerabilities.
- Only allow approved programs to run on the network.
- Test if and for how long you can sustain business operations without access to certain systems.
- Have cybersecurity experts attempt to hack your system to find out if your current security measures can defend against an attack.