In recent years, ransomware attacks have been focused toward health care facilities like medical pregnancy centers. Learn the key areas to protect your center against a cyber attack.

How secure are you? If I were to ask you that question, you might say: “Well, thanks to Jesus being my Lord, I am a new creation -- a brand new person! Living with the Lord in my life has helped me to walk in His security.” 

I would be pleased for you to say something like that! However, I am not talking about you personally or your spiritual journey. While I do hope you are thriving in your relationship with our Lord, I am currently concerned about the security of your computer system. As a Care Net Center Service Specialist, I have the privilege of communication with dozens of our affiliated centers. In one of my most recent calls, I asked the executive director about any recent challenges. The answer, ransomware. Unfortunately, this has not been the first center to deal with ransomware.

Before I go on with this post, please understand the information will be more technical in nature than my normal blog post. Actually, as I searched the articles on the Care Net site, I did not find one of this nature. Please don’t stop reading because of the technical nature! I promise I will not be teaching you how to dismantle a computer; I just want our centers to be able to glean from the not-too-fun experiences of other centers. This is an often neglected subject that needs intentional attention, so please take few minutes to read this post.

Just in case this is your first encounter with ransomware, it has been around since before 2005. According to Brian Barrett, a writer for Wired News, “Ransomware is just malware with a fancy name and a dash of extortion.”  According to Trend Micro

Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless a ransom is paid. More modern ransomware families, collectively categorized as crypto-ransomware, encrypt certain file types on infected systems and forces users to pay the ransom through certain online payment methods to get a decrypt key.

The ransom is usually requested in bitcoin although there can be other alternative payment methods requested while your information or system is held hostage. Unfortunately, the payment of the ransom does not guarantee the attacked system will be restored to order. Conservative estimates of the ransomware victims’ financial losses reach $5 million.

Furthermore, attacks in recent years have been focused toward hospitals and health care facilities. Guess who is included in those attacks? Yes, the medical clinics in our affiliate base are directly in the crosshairs of such attacks. From the suspected homeland of ransomware, a Russian attacker sought out opportunities to hack into one of our own medical clinics... leading to this very article. 

A 2016 story in Wired entitled,  “Why Hospitals Are Perfect Targets for Ransomware” tells the grim story that should heighten the cyber security for every center in the Care Net network.

Although the center to whom I am referring to in this article did not pay any ransom, the event led to the sacrifice of many hours of work and untold frustrations.  The remediation process cost them more than $17,000. On the other side of the event, this center is more protected than ever concerning ransomware or any other cyber attacks.

I am hoping that this article will be a kind warning that will help you to be more secure and avoid a costly fix! What can you do to avoid the situation? Let me start with some key areas to protect against attacks based on advice from the tech professionals gently spiced with lessons learned from the experienced.

Key Areas to Protect Against Attack

Email: Do not open emails from unknown sources. Exercise caution when dealing with email, IM conversations, and web messages received from unknown sources or even received unexpectedly from known sources. Use extreme caution when accepting file transfers from known or unknown sources. Do not click on a link in an untrusted or an unexpected email. Get rid of the unknown emails. Always confirm with the sender when an unexpected email shows up from a trusted source.

Websites: Do not click on strange links or pop-ups on websites. Exercise caution with links to web pages that you receive from unknown sources, especially if the links are to a site that isn't familiar. Malicious software may be installed in your computer simply by visiting a webpage with harmful content. Ransomware may also be bundled with seemingly useful software and files that are available for "free download" on websites. Some suspicious websites pose as a legitimate website with a similar name and URL, so always make sure you are downloading software from a legitimate source.

Patrick Eades is a Care Net Center Services Specialist and Executive Director of Care Net Pregnancy Center of Coastal Georgia (est. 1992). When he isn't fulfilling those roles he enjoys aggravating friends, family, and strangers with what he believes to be a sense of humor.