Providers Should Be on Alert for Ransomware Attacks
As has been reported, health care providers are currently facing an imminent threat of cyberattacks targeting the sector. Click here for more background on this issue. On Nov. 5th, the Department of Health (DOH) held a webinar to provide more information; the webinar was recorded, and we will share it with members once the Department makes it available. We strongly urge you to review it to ensure that you are taking necessary steps to mitigate risk and accessing resources if you are attacked.
The webinar provided information that was technical in nature that your IT professionals should review; however, there were some key high-level takeaways. Phishing email seems to be the source of at least some of these attacks. There are unique challenges and vulnerabilities with people working remotely and with people being focused on the COVID-19 pandemic. However, there are proactive steps you can take to mitigate risk, including training your staff about cybersecurity, phishing, etc. You should ensure that you have the ability to operate even if you lose access to your electronic systems.
If you are attacked, you should report the attack to DOH so they can provide resources and support. A Dear Administrator Letter (DAL) and Frequently Asked Questions (FAQs) from DOH describe a new notification protocol to be followed to inform DOH of cybersecurity incidents.
It was noted that typically, before ransomware is detonated, the attackers have been in your system for some time, looked at email and your direct deposit system, tried to divert funds to themselves, etc. Keep in mind that if you are attacked and obtain the keys to decrypt your data, recovery and decryption can take a lot of time, so backup operational systems are critical.
Additional information and resources regarding this issue include the following:
- DOH issued an advisory referencing three ransomware attacks occurring recently that have impacted a health system, a separate hospital, a local health department, and its county-operated adult care facility (ACF).
- The federal Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) issued a joint advisory describing the threat of ransomware attacks and the steps providers can take to mitigate the threat.
- LeadingAge NY and GreyCastle Security provided more information and resources here.
Contact: Diane Darbyshire, ddarbyshire@leadingageny.org, or Karen Lipson, klipson@leadingageny.org, 518-867-8383