Mannassi IT Solutions

Cyber Security – A Self Inflicted Pain

The recent news of another pandemic ransomware cyber-attack, and of all the businesses and individuals affected, brings into sharp focus how doing the bare minimum is sometimes the same as doing nothing at all. People take their technology for granted, assuming they are safe because they thought their operating system had been updated, without ever checking to make sure this is the case. The same goes for antivirus: how many people take the time to check that their anti-virus/anti-malware is current? When was the last time you double-checked yours? Most people’s answer will be “I don’t know”. Relatively simple steps can save a lot of headache down the line, and spare you long stretches of downtime when you can’t access your systems.

We have found that many companies run their IT security and data protection on the “fingers crossed” principle. They skimp on the expense of putting in proper firewalls and instead go for the cheapest option on the shelf. Then they end up wondering why their company is paralyzed by ransomware! Network security should be multi-layered: protection for inbound email, URL filtering to stop users reaching malicious web sites, business-class firewalls with intrusion prevention, endpoint protection for all workstations and mobile devices and, most importantly, a proactive approach to monitoring all of these technologies. And finally, even with all this protection there is always a chance something will get through, so you also need comprehensive data protection in the form of backups that are separate from the core network and thus out of reach of ransomware encryption. And yes, backups need to be checked regularly, including doing test restores.

So, come on people! Stop procrastinating and going for the cheap and basic options. You need to own your cyber security and make it a way of life.

If you don’t know where to start or need help, call us! We’re happy to talk security any day.

Want more cybersecurity straight from the headlines? Follow us on Twitter: @MannassiIT

Don’t get held for ransom!

The news is currently saturated with talk of the WannaCry/WannaCrypt ransomware virus that infected systems across the globe. So, what is ransomware?

Ransomware is a type of malicious software that blocks access to the data on your computer until a fee is paid to the attacker (hence the “ransom”). The most advanced versions of the software can lock up your entire computer until a bitcoin ransom is paid. With little warning, and almost no way around the attack, victims sometimes pay large sums of money to regain access to their data.

For healthcare and associated organizations it is especially dangerous, because a successful ransomware infection of a system that has access to, or stores, electronic protected health information (ePHI) is also a major breach of HIPAA compliance. The following excerpt from the Health and Human Services website (emphasis mine) can shed some light:

Q: Is it a HIPAA breach if ransomware infects a covered entity’s or business associate’s computer system?
A: Whether or not the presence of ransomware would be a breach under the HIPAA Rules is a fact-specific determination. A breach under the HIPAA Rules is defined as, “…the acquisition, access, use, or disclosure of PHI in a manner not permitted under the [HIPAA Privacy Rule] which compromises the security or privacy of the PHI.” See 45 C.F.R. 164.402.
When electronic protected health information (ePHI) is encrypted as the result of a ransomware attack, a breach has occurred because the ePHI encrypted by the ransomware was acquired (i.e., unauthorized individuals have taken possession or control of the information), and thus is a “disclosure” not permitted under the HIPAA Privacy Rule.
Unless the covered entity or business associate can demonstrate that there is a “…low probability that the PHI has been compromised,” based on the factors set forth in the Breach Notification Rule, a breach of PHI is presumed to have occurred.  The entity must then comply with the applicable breach notification provisions, including notification to affected individuals without unreasonable delay, to the Secretary of HHS, and to the media (for breaches affecting over 500 individuals) in accordance with HIPAA breach notification requirements. See 45 C.F.R. 164.400-414.

After a 22-year-old wunderkind managed to thwart last week’s global attack by registering an embedded domain, he warned that the software only needed to be modified before it would be ready to be relaunched. Ransomware attacks are only likely to increase, so proactive steps to protect your network are essential. Make sure you know what security your IT system requires to keep you from being held hostage! We can assess your network and strengthen its defenses against these types of attacks. Even if you escaped unscathed this time, don’t risk getting caught up in the next ransom!