312-253-4321    Get SUPPORT

Alchetec Blog

By accepting you will be accessing a service provided by a third-party external to https://www.alchetec.com/

Ransomware Shuts Down Doctors’ Office - Is Your Business Protected?

Ransomware Shuts Down Doctors’ Office - Is Your Business Protected?

Let me ask you a question… let’s say that you’re about one year from your projected retirement, when a ransomware attack encrypts all of your files. What do you do? Pack it in and retire early? This is precisely the situation that the practitioners of Brookside ENT & Hearing Services of Battle Creek, Michigan, have found themselves in - and it may not be over yet.

What Happened to Brookside ENT?

Typical of a ransomware attack, the malware began by deleting and overwriting all of the practice’s data - every medical record, bill, and upcoming appointment. A duplicate of each file was left behind, locked behind a password that the person or persons responsible promised to provide in exchange for a $6,500 wire transfer.

Under the advisement of an “IT guy,” Dr. William Scalf and Michigan state senator Dr. John Bizon didn’t pay the ransom, as they couldn’t be sure that the password would even work, or that the ransomware wouldn’t return in the near future. As their IT resource determined that the attacker hadn’t actually viewed any of the records, this event technically didn’t need to be reported as a breach under the Health Insurance Portability and Accountability Act (HIPAA). Nevertheless, without access to this data, the physicians saw little choice than to retire early.

Well, kind of. As they had no means of knowing who had an appointment scheduled, the physicians had little choice than to wait around the office for a few weeks and see whomever showed up.

Why Throwing in the Towel May Not Be Enough

From a purely academic point of view, it only makes sense that the medical industry would be one targeted by ransomware. Not only do its establishments rely greatly on the data they have stored, there is an urgency to this reliance that cannot be denied. Think about the possible ramifications if a medical practitioner was unable to properly diagnose a patient and recommend treatment because of some unavailable data.

Of course, the strategy that Brookside ENT has adopted to close up shop doesn’t leave its owners off the hook, either. They could still find themselves in plenty of regulatory hot water.

For instance, a ransomware attack (paid or not) could be considered a reportable incident under HIPAA, or even an instigation of a negligence-based legal action. Any patient could invoke HIPAA rules if their data was in digital form and have an investigation started by the Department of Health and Human Services’ Office of Civil Rights, simply by leaving a complaint.

How You Can Protect Your Business from Ransomware

While the best way to keep your business safe is to be able to spot ransomware infection attempts before they successfully fool you into allowing them on your system, statistically, you aren’t going to be able to spot all of them… so what can you do?

One great resource you have available to you is your team. Each uneducated user offers ransomware another way in, but each educated user is another shield to help protect your business.

You should also develop and maintain a comprehensive backup plan to help protect your data from ransomware attacks and other attempts against it. While it would be ideal to not need to use this backup, it would be far less ideal to need one and not have it. Make sure that you keep your backup isolated from the rest of your network as well, so that your backup isn’t also encrypted by a ransomware attack.

At Alchetec, we have plenty of experience in mitigating the damage that ransomware can cause, as well as in solving various other IT issues. For assistance with any of your business’ IT needs, reach out to us at 312-253-4321.

How to Plan Your Data Storage Needs
Taking a Look at a Manufacturer’s IT
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, July 14 2020

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Productivity Best Practices Business Computing Cloud Network Security Data Data Backup IT Services Privacy Hosted Solutions IT Support Software Malware Email Hackers Internet Efficiency Outsourced IT Microsoft Business Data Recovery Innovation Computer Hardware Business Continuity Cloud Computing Small Business Productivity Managed IT Services Cybersecurity Managed IT Services Mobile Devices Collaboration Tech Term Backup User Tips Upgrade Google Ransomware Communication Phishing Windows 10 Business Management Workplace Tips Mobile Device VoIP IT Support Smartphone Managed Service Provider Smartphones Paperless Office Android Disaster Recovery Quick Tips Data Management Managed Service Office 365 Remote Monitoring Communications Internet of Things Browser Managed IT Server Save Money Passwords Business Technology Facebook Encryption Social Media Network Artificial Intelligence Miscellaneous Saving Money BDR Virtualization Compliance Help Desk Holiday Wi-Fi Health Government Document Management Microsoft Office Training BYOD Remote Work Healthcare Windows 10 Windows 7 Laptops Windows Office Data Security Applications Users Employer-Employee Relationship Automation Password Vendor Management Risk Management Analytics Project Management Blockchain Apps Chrome Information Infrastructure SaaS Tip of the week Data loss Storage Avoiding Downtime Telephone Systems Bandwidth Unified Threat Management File Sharing Antivirus Recovery Mobility Processor Going Green Redundancy Maintenance Vulnerability IT Management Scam Two-factor Authentication Regulations Politics Flexibility VPN Hard Drive Machine Learning IoT Access Control Virtual Reality Work/Life Balance Bring Your Own Device Virtual Private Network IT Service Gadgets Covid-19 Hosted Solution Customer Relationship Management Firewall Computers Robot Big Data Company Culture Tablet Gmail Software as a Service Computing Website App Proactive Files Wireless Mobile Device Management Router Employee-Employer Relationship Meetings OneDrive Money RMM Word Data Storage Twitter Professional Services Server Management Payment Cards HIPAA Settings Remote Workers Augmented Reality Operating System Networking Social Internet Exlporer Solid State Drive Co-Managed IT Remote Computing Printing Downtime Remote Worker Data Breach Electronic Medical Records Managed Services Cooperation The Internet of Things Mobile Security Outlook Digital Payment Upgrades Identity Theft Licensing Monitoring Recycling Assessment Alert Customer Service Utility Computing Electronic Health Records Display Dark Web How To Consulting Mobile Office Apple Time Management Patch Management Consultation Samsung Unified Communications Uninterrupted Power Supply Social Network How To Monitors Managed Services Provider Employees Search Network Management File Management Data Storage Management Information Technology Smart Technology Remote Monitoring and Management Net Neutrality Chromebook Physical Security Outsourcing Microsoft Excel Connectivity Content Filtering History Point of Sale Printer Sports Vulnerabilities Tracking Network Congestion Wires Zero-Day Threat Distributed Denial of Service Modem Security Cameras Touchscreen IT Consulting Value of Managed Services Alerts Enterprise Resource Planning Corporate Profile Humor Instant Messaging Manufacturing Comparison Business Growth Employer/Employee Relationships IT End of Support WPA3 Windows Server Tech Support Remote Working Cortana Transportation Trending Legislation Wireless Technology 5G IT Budget Bitcoin IBM Video Conferencing G Suite Cabling E-Commerce Virtual Assistant Websites Telephony Telephone Safety IT Technicians Geography Digital Education Backup and Disaster Recovery Business Telephone Managed IT Service Cookies Hacker Mobile Computer Care WannaCry Office Tips Finance Hard Disk Drives Specifications Automobile Proactive Maintenance Fleet Tracking Tech Terms Google Drive User Management Budget Cache Taxes Hard Disk Drive Bookmarks Emoji Optimization Social Networking Firefox IT Solutions Processors Current Events Biometric Permissions Star Wars Features Wasting Time Statistics SharePoint Mobile VoIP Mirgation High-Speed Internet Spyware Human Error Database Management IT Assessment Break Fix Nanotechnology ROI Technology Laws Legal Law Enforcement Vendor Staff Authentication Mail Merge USB Asset Tracking Theft Techology Personal Information Batteries Peripheral Hotspot Unsupported Software Favorites Teamwork Shortcut Private Cloud Solid State Drives Virtual Machines Black Friday Motherboard Permission Lenovo Projects Gamification Fraud Disaster 3D Printing Database Bluetooth Downloads Update Cyber security Migration Development MSP GDPR Digitize Screen Reader Software Tips Notes Heating/Cooling Unified Threat Management Gadget Smart Devices Operations Managing Stress WiFi VoIP Dark Data Authorization Address Social Engineering OneNote Financial Disaster Resistance Virus PCI DSS Language eWaste Mobile Data Conferencing Shared resources Technology Tips Options Credit Cards Cyber Monday Mobile Computing Test Superfish Return on Investment Spam Outsource IT Cybercrime Cyberattacks Voice over Internet Protocol Multi-Factor Security Chatbots Cables Black Market Shadow IT Data Warehousing Smart Tech PowerPoint Servers User Error Sensors Wearable Technology Enterprise Content Management GPS YouTube Google Maps Procurement Proactive IT Computer Repair Crowdsourcing Computing Infrastructure Mouse Wireless Internet Holidays Notifications Active Directory Laptop Cost Management Travel Read Only Hacking Google Calendar Botnet Windows Server 2008 Identity Supercomputer Lithium-ion battery CRM Cleaning Hacks Motion Sickness Printers Emergency Marketing Students Relocation Hiring/Firing Competition Regulation Sync IP Address Staffing Fun IT Consultant CrashOverride Mobile Device Managment Administrator Error Domains Hard Drives Public Cloud Public Speaking Presentation