How Can I Protect My PACS from Ransomware?



The cost of US healthcare ransomware attacks alone is estimated at $21 billion. According to The HIPAA Journal, ransomware attacks on the healthcare industry have skyrocketed since 2020, and at least 91 US healthcare organizations have suffered a ransomware attack, up from 50 the previous year.

For independent radiologists and anyone in private practice, ransomware can be disastrous, especially if you do not have a backup of your data and protected health information (PHI), or the support of an IT specialist on hand when you need them.

There is only you and the ransom demand, with all of your images and patient data locked behind it.

New ransomware variants use powerful encryption and delete or encrypt backup files to ensure data cannot be easily recovered without paying the ransom. Healthcare organizations are increasingly being targeted for these attacks, so it is particularly important to understand how you can protect yourself from these attacks.

What can you do to protect your practice? In the past, we've looked at data security and HIPAA compliance more generally, but today's blog is dedicated to the two main options you have when prevention fails and ransomware locks you out.

Option No. 1: Prepare to counter ransomware attacks by using a cloud-based image server.

When ransomware shuts down an infected computer, there is usually no workaround, nor is there any "universal removal software" on the market. Instead, you are left with a demand for a monetary ransom and a deadline to meet it; if you fail to deliver by then, your data will be lost forever.

And, from a technical standpoint, the infected hardware is rendered unusable until it is wiped clean and reformatted.


Rather than attempt to restore access to your original mode of storage - which is now held hostage - a cloud-based picture archiving and communication system (PACS) for your medical imaging studies could be the answer. If something were to go wrong on a particular computer or set of computers, you would be able to navigate to your cloud storage through a web browser on a different machine.

This provides you with seamless access to your data, while also removing the urgent need to pay the ransom to restore access to the original machine.

Option No. 2: Keep your PACS onsite and maintain a reliable series of current backups.

There are a number of reasons why some businesses cannot - or simply choose not to - use a cloud-based PACS solution. If you are running your PACS onsite, your software is installed as an application on a specific computer. If ransomware hits that machine, you are out of options and in a potentially ruinous situation for a health care practice.

That's why backing up your data is essential if you have an onsite PACS setup. Depending on your volume, you may need daily or even hourly backups, which can be stored in the cloud or on a dedicated server that is not connected to the internet.

Keep in mind, however, that your backups will only be a viable lifeline in the case of a ransomware attack if they are current. Do not just assume backups of your PACS are happening regularly; whether internal IT staff handle backups for you or a cloud vendor assists, test your backup process often.
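"Test your backup process often" is easy to say and easy to skip. The script below is an added example (not code from the original post or from any PACS vendor) of the two checks that matter most after a ransomware incident: is the newest backup recent enough to be useful, and are the files in it the same bytes that were written when the backup was taken? It assumes a simple backup layout, a directory of study files plus a MANIFEST.sha256 checksum list created at backup time; the file names, the manifest name and the sample "study" bytes are all constructed for the example.

```python
"""Check that a PACS backup set is both current and intact.

Added example, not from the original post. Assumed layout: a backup
directory containing the archived files and a MANIFEST.sha256 written
when the backup was taken, one "<sha256 hex>  <relative path>" per line
(the same format sha256sum produces). No PACS product is assumed.
"""
import hashlib
import tempfile
import time
from pathlib import Path

MANIFEST_NAME = "MANIFEST.sha256"  # assumed name for the checksum list


def sha256_of(path: Path) -> str:
    """Stream a file through SHA-256 so large studies don't need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def write_manifest(backup_dir) -> Path:
    """Record a checksum for every file in the backup; run this when the backup is made."""
    backup_dir = Path(backup_dir)
    lines = []
    for p in sorted(backup_dir.rglob("*")):
        if p.is_file() and p.name != MANIFEST_NAME:
            lines.append(f"{sha256_of(p)}  {p.relative_to(backup_dir).as_posix()}")
    manifest = backup_dir / MANIFEST_NAME
    manifest.write_text("\n".join(lines) + "\n")
    return manifest


def verify_backup(backup_dir, max_age_hours: float, now=None) -> dict:
    """Return a report on recency and integrity; never raise on a bad backup.

    'stale'   - manifest is older than max_age_hours (backup job may have stopped)
    'missing' - files listed in the manifest that are no longer present
    'corrupt' - files whose current hash differs from the recorded one
    """
    backup_dir = Path(backup_dir)
    now = time.time() if now is None else now
    report = {"ok": False, "stale": True, "missing": [], "corrupt": [],
              "age_hours": None, "checked_at": now}
    manifest = backup_dir / MANIFEST_NAME
    if not manifest.is_file():
        report["missing"].append(MANIFEST_NAME)
        return report
    age_hours = (now - manifest.stat().st_mtime) / 3600
    report["age_hours"] = round(age_hours, 2)
    report["stale"] = age_hours > max_age_hours
    for line in manifest.read_text().splitlines():
        if not line.strip():
            continue
        expected, rel = line.split("  ", 1)
        p = backup_dir / rel
        if not p.is_file():
            report["missing"].append(rel)
        elif sha256_of(p) != expected:
            report["corrupt"].append(rel)
    report["ok"] = not (report["stale"] or report["missing"] or report["corrupt"])
    return report


def make_sample_backup(root=None) -> Path:
    """Constructed sample data: a tiny 'backup' holding two fake study files."""
    root = Path(root or tempfile.mkdtemp(prefix="pacs-backup-"))
    (root / "studies").mkdir(parents=True, exist_ok=True)
    (root / "studies" / "study-0001.dcm").write_bytes(b"constructed sample study bytes 1")
    (root / "studies" / "study-0002.dcm").write_bytes(b"constructed sample study bytes 2")
    write_manifest(root)
    return root


if __name__ == "__main__":
    root = make_sample_backup()
    print("fresh backup:", verify_backup(root, max_age_hours=24))
    # Simulate a study file being overwritten after the backup was taken
    (root / "studies" / "study-0001.dcm").write_bytes(b"not the original bytes")
    print("damaged backup:", verify_backup(root, max_age_hours=24))
```

Run it on a schedule against each backup location and treat any report where `ok` is false as an incident, not a warning. Because ransomware that reaches the backup host can rewrite the manifest along with the files, keep a copy of each manifest on the separate, offline server the post describes, and verify the stored files against that offline copy rather than the one sitting next to the data.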

Option No. 3: You can pay the ransom - but that might not be the best idea.

Of course, the unattractive third option is to simply pay the ransom. However, this can create some additional issues. First, you are signaling to the hacker that you're willing to pay, and there is nothing to stop that person or their associates from targeting your PACS again.

Second, in the case of ransomware, organizations have discovered that meeting the demand of payment is not always a guarantee the files will be released, as promised. So, if you opt to pay for restored access to your files, know there is a chance your data is already lost forever.

Finally, a new and disturbing trend is emerging: third-party ransomware, where hackers actively seek out other ransomware demands and then inject their own bitcoin accounts into the ransom message. The result? You think you have paid the original criminal when, in reality, an unrelated threat actor has made off with your money - and you still owe the original ransom.

What's the Bottom Line?

The threat of ransomware isn't going away any time soon - indeed, cybercriminals are becoming even more sophisticated in their implementation. But you don't have to let it threaten the security of your data - or the future of your practice.

Do not be caught unprepared. A catastrophic loss of data can be devastating and can result in your medical practice having to close down. And while you cannot stop a hacker from targeting you, the message here is there are proactive measures you can take to keep your data safe and accessible.

So, don't wait until it is too late - start implementing changes to your system architecture today.
