312-253-4321    Get SUPPORT

Alchetec Blog

Ransomware Shuts Down Doctors’ Office - Is Your Business Protected?

Ransomware Shuts Down Doctors’ Office - Is Your Business Protected?

Let me ask you a question… let’s say that you’re about one year from your projected retirement, when a ransomware attack encrypts all of your files. What do you do? Pack it in and retire early? This is precisely the situation that the practitioners of Brookside ENT & Hearing Services of Battle Creek, Michigan, have found themselves in - and it may not be over yet.

What Happened to Brookside ENT?

Typical of a ransomware attack, the malware began by deleting and overwriting all of the practice’s data - every medical record, bill, and upcoming appointment. A duplicate of each file was left behind, locked behind a password that the person or persons responsible promised to provide in exchange for a $6,500 wire transfer.

Under the advisement of an “IT guy,” Dr. William Scalf and Michigan state senator Dr. John Bizon didn’t pay the ransom, as they couldn’t be sure that the password would even work, or that the ransomware wouldn’t return in the near future. As their IT resource determined that the attacker hadn’t actually viewed any of the records, this event technically didn’t need to be reported as a breach under the Health Insurance Portability and Accountability Act (HIPAA). Nevertheless, without access to this data, the physicians saw little choice than to retire early.

Well, kind of. As they had no means of knowing who had an appointment scheduled, the physicians had little choice than to wait around the office for a few weeks and see whomever showed up.

Why Throwing in the Towel May Not Be Enough

From a purely academic point of view, it only makes sense that the medical industry would be one targeted by ransomware. Not only do its establishments rely greatly on the data they have stored, there is an urgency to this reliance that cannot be denied. Think about the possible ramifications if a medical practitioner was unable to properly diagnose a patient and recommend treatment because of some unavailable data.

Of course, the strategy that Brookside ENT has adopted to close up shop doesn’t leave its owners off the hook, either. They could still find themselves in plenty of regulatory hot water.

For instance, a ransomware attack (paid or not) could be considered a reportable incident under HIPAA, or even an instigation of a negligence-based legal action. Any patient could invoke HIPAA rules if their data was in digital form and have an investigation started by the Department of Health and Human Services’ Office of Civil Rights, simply by leaving a complaint.

How You Can Protect Your Business from Ransomware

While the best way to keep your business safe is to be able to spot ransomware infection attempts before they successfully fool you into allowing them on your system, statistically, you aren’t going to be able to spot all of them… so what can you do?

One great resource you have available to you is your team. Each uneducated user offers ransomware another way in, but each educated user is another shield to help protect your business.

You should also develop and maintain a comprehensive backup plan to help protect your data from ransomware attacks and other attempts against it. While it would be ideal to not need to use this backup, it would be far less ideal to need one and not have it. Make sure that you keep your backup isolated from the rest of your network as well, so that your backup isn’t also encrypted by a ransomware attack.

At Alchetec, we have plenty of experience in mitigating the damage that ransomware can cause, as well as in solving various other IT issues. For assistance with any of your business’ IT needs, reach out to us at 312-253-4321.

How to Plan Your Data Storage Needs
Taking a Look at a Manufacturer’s IT
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, June 16 2019

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Cloud Business Computing Productivity IT Services Network Security Malware Hosted Solutions Hackers Privacy Email Data Data Backup Software Outsourced IT Internet Productivity Managed IT Services Innovation Business Data Recovery Microsoft Tech Term IT Support Ransomware Cloud Computing Hardware Computer Small Business IT Support User Tips Backup Business Continuity Mobile Devices Collaboration Google Efficiency Business Management Communication Paperless Office Managed IT Services Android Windows 10 Remote Monitoring VoIP Server Internet of Things Data Management Managed Service Provider Smartphone Upgrade Smartphones Workplace Tips Phishing Disaster Recovery Passwords Managed IT Browser Encryption Office 365 Cybersecurity Mobile Device Artificial Intelligence Save Money Holiday BYOD Social Media Communications Windows 10 Quick Tips Document Management Managed Service Applications Business Technology Facebook Risk Management Saving Money Employer-Employee Relationship Government Compliance Wi-Fi SaaS Blockchain Telephone Systems Chrome Bandwidth Information Windows File Sharing Microsoft Office Automation Password Infrastructure Recovery Tip of the week Help Desk Unified Threat Management BDR Healthcare Antivirus Vulnerability Virtualization IT Management Scam Network Analytics Project Management Vendor Management Data Storage VPN Training Regulations Apps Data Security Firewall Bring Your Own Device Customer Relationship Management Office Files Hosted Solution Data loss Robot Tablet Website Money Storage Gmail App Politics Wireless Mobile Device Management Router Virtual Reality Maintenance Two-factor Authentication Work/Life Balance Going Green Word IT Service Remote Workers Internet Exlporer Networking IoT Computing Flexibility Access Control Alert Virtual Private Network Downtime Cooperation The Internet of Things Gadgets Digital Payment Mobile Security Printing Identity Theft Samsung Licensing Company Culture Outlook Big Data Computers Software as a Service Users Upgrades Customer Service Assessment Miscellaneous Chromebook Twitter Patch Management Proactive Mobility How To Health Unified Communications How To Consultation Uninterrupted Power Supply Social Redundancy Machine Learning Employees Smart Technology Remote Computing Monitors Management Network Management Remote Monitoring and Management RMM Electronic Medical Records Net Neutrality Settings HIPAA Server Management IT Solutions Distributed Denial of Service Processors Modem Comparison Security Cameras Alerts Enterprise Resource Planning Touchscreen IT Consulting Augmented Reality Instant Messaging Manufacturing Corporate Profile Employer/Employee Relationships Trending Legislation Tech Support WPA3 Operating System IT Budget Legal Law Enforcement Hard Drive Wireless Technology 5G Transportation Solid State Drive USB Network Congestion Digital Personal Information Safety E-Commerce Virtual Assistant G Suite Cabling IT Technicians Private Cloud Geography Humor Websites IBM Backup and Disaster Recovery Proactive Maintenance Managed IT Service Cookies End of Support Specifications Hacker Remote Worker Update Mobile Cortana Data Breach Finance Hard Disk Drives Computer Care WannaCry Education Fleet Tracking Tech Terms Gadget Cache Google Drive Bookmarks Taxes Hard Disk Drive Social Networking Human Error Spyware Permissions Virus Star Wars Firefox Features Wasting Time Mirgation High-Speed Internet Office Tips Statistics SharePoint Break Fix Nanotechnology Mail Merge Monitoring ROI Staff Technology Laws Authentication Shortcut Asset Tracking Theft Hotspot Recycling Avoiding Downtime Techology Favorites Teamwork Solid State Drives Black Friday Black Market Motherboard MSP Permission Computer Repair Fraud Crowdsourcing Utility Computing Lenovo Electronic Health Records Database Disaster Migration Development Bluetooth Downloads Dark Web Notifications Screen Reader Address Consulting Notes Software Tips Operations Botnet Managing Stress Unsupported Software Heating/Cooling Unified Threat Management Authorization WiFi VoIP Mobile Computing Display Technology Tips OneNote Financial Apple Sports Language eWaste 3D Printing Time Management Disaster Resistance Conferencing Shared resources Options Physical Security Cyber Monday Spam Test Superfish Cyberattacks Voice over Internet Protocol Cybercrime Business Growth Chatbots Cables Dark Data Multi-Factor Security YouTube Data Warehousing Smart Tech Social Engineering Managed Services Provider PowerPoint Wearable Technology Enterprise Content Management Mobile Data Servers User Error GPS Mouse Employee-Employer Relationship Procurement Google Maps Computing Infrastructure Telephony Proactive IT Meetings OneDrive Wireless Internet Supercomputer Cost Management Read Only Windows 7 Travel Identity Automobile Hacking Google Calendar Tracking Microsoft Excel Connectivity Search Point of Sale Professional Services Content Filtering History Emoji Vulnerabilities Printer Wires Zero-Day Threat Cleaning Printers Motion Sickness Emergency Marketing Budget Students Competition Error Regulation Database Management IP Address Sync Staffing Hiring/Firing IT Consultant CrashOverride Public Cloud GDPR Fun Mobile Office Mobile Device Managment Administrator Domains Hacks Public Speaking Information Technology Hard Drives Presentation Lithium-ion battery Relocation