The rising tide of ransomware may have cost the business world as much as $1 billion in 2016. It's difficult, however, to pin down an actual figure. In fact, the number might be much greater, as so many victims of a cyber attack pay the "ransom" to release their files, without ever reporting such an incident has occurred.
For independent radiologists and anyone in private practice, ransomware can be disastrous, especially if you do not have a backup of your data and protected health information (PHI), or the support of an IT specialist on hand when you need them.
There is only you and the ransom demand, with all of your images and patient data locked behind it.
While there are steps you can take to protect your data, absolute prevention of a ransomware attack is becoming more and more challenging. The growth vector of ransomware has already rocketed off the charts 2017 as artificial intelligence (AI)-based attacks continue to come online, and a cottage industry of ransomware for hire expands its reach.
What can you do to protect your practice? In the past, we’ve looked at data security and HIPAA compliance more generally, but today's blog is dedicated to the two main options you have when prevention fails, and ransomware locks you out.
Option No. 1: Prepare to counter ransomware attacks by using a cloud-based image server.
When ransomware shuts down an infected computer, usually there is no workaround, nor is there a "universal removal software" on the market. Instead, you are left with a demand for a monetary ransom with a deadline to meet it; after which, if you fail to deliver, your data will be lost forever.
And, from a technical standpoint, the infected hardware is rendered unusable until it is wiped clean and reformatted.
Free, On-Demand Webinar: Would a Cyber Attack Bring Your System to Its Knees?
Rather than attempt to restore access to your original mode of storage - which is now held hostage - a cloud-based picture archiving and communication system (PACS) for your medical imaging studies could be the answer. If something were to go wrong on a particular computer or set of computers, you would be able to navigate to your cloud storage through a web browser on a different machine.
This provides you with seamless access to your data, while also removing the urgent need to pay the ransom to restore access on the original machine.
Option No. 2: Keep your PACS onsite and maintain a reliable series of current backups.
There are a number of reasons why some businesses cannot - or simply choose not to - use a cloud-based PACS solution. If you are running your PACS onsite, your software is installed as an application on a specific computer. If ransomware hits that machine, you are out of options and in a potentially ruinous situation for a health care practice.
That's why backing up your data is essential, if you have an onsite PACS setup. Depending on your volume, you may need daily or even hourly backups, which can be stored in the cloud or on a dedicated server that is not connected to the internet.
Keep in mind, however, that your backups will only be a viable lifeline in the case of a ransomware attack if they are current. Do not just assume backups of your PACS are happening regularly; whether you have internal IT staff handling backups for you or if you have the assistance of a cloud vendor, test your backup process often.
Option No. 3: You can pay the ransom - but that might not be the best idea.
Of course, the unattractive third option is to simply pay the ransom, however this can create some additional issues. First, you are signaling to the hacker that you're willing to pay, and there is nothing to stop that person or their associates from targeting your PACS again.
Second, in the case of ransomware, organizations have discovered that meeting the demand of payment is not always a guarantee the files will be released, as promised. So, if you opt to pay for restored access to your files, know there is a chance your data is already lost forever.
Finally, a new and disturbing trend is emerging: third-party ransomware, where hackers actively seek out other ransomware demands and then inject their own bitcoin accounts into the ransom message. The result? You think you have paid the original criminal when in, reality, an unrelated threat actor has made off with your money - and you still owe the original ransom.
What's the Bottom Line?
The threat of ransomware isn't going away any time soon - indeed, cyber criminals are becoming even more sophisticated in their implementation. But you don't have to let it threaten the security of your data -or the future of your practice.
Do not be caught unprepared. A catastrophic loss of data can be devastating and can result in your medical practice having to close down. And while you cannot stop a hacker from targeting you, the message here is there are proactive measures you can take to keep your data safe and accessible.
So, don't wait until it is too late - start implementing changes to you system architecture today.