Protect Your Office Against Ransomware

Imagine that one day out of nowhere your patient data becomes inaccessible. You call The Bridge Network’s technical support and ask them to fix it. That’s when you learn your files are ‘locked’ and can only be unlocked by paying ransom in Bitcoins to some unknown hacker in some untraceable location. Plan B? Restore from backup. Worst case scenario, you lose the day’s data. Some of it can be re-entered from memory, some things are lost for good. But wait, your USB backup drive that is set up to copy files every night is also locked. You have no choice but to pay the ransom…and who knows if that will even work?

How does it happen? Ransomware is distributed in a number of ways. The most common variant we see, called CryptoLocker, is often distributed via spam email attachments from infected email accounts. Be very certain about the nature of an attachment before you open it. Another means of infection is by visiting infected Websites which download the virus without your knowledge (known as a drive-by download). Both of these problems can be addressed with IT solutions from your hardware vendor and a little bit of awareness on your part (you’re welcome!).

Damage Control. The security of your backup is the key to keeping the damage under control. If you have a valid nightly backup that has not been infected, then the data loss is contained. If your backup is a simple file copy to a USB or network attached storage, then you are out of luck as any attached USB drives, or network drives, are likely to be infected. One way to be certain that your backup is beyond the reach of CryptoLocker is to use an online backup, like BackTrack, and set it to back up multiple versions of files. Even if you back up the infected file, your previous version of the files are safe.

If your office is still running Tracker 10, moving to Tracker 11 is something you should seriously start to consider. Available for more than four years, Tracker 11 and its Microsoft SQL Server database is inherently more secure than Tracker 10’s Access database.

With this knowledge in hand, it may be time to have a chat with your hardware vendor so you know if you have the appropriate safeguards in place.

Comments

There have been no comments made on this article. Why not be the first and add your own comment using the form below.

Leave a comment

Commenting is restricted to registered users only. Please register or login now to submit a comment.

Twitter