The rise of ransomware and its increased impact on small to medium-sized organizations can keep most business owners and security professionals awake at night. Ransomware is a form of malware where a hacker gains access to a business’s data, encrypts it, and demands payment for the access code for the organization to recover the data. The outcome is never certain, though. Even if the ransom is paid, many hackers still steal and/or delete the victim’s data, rendering all of the victim’s data lost. In many cases that data is its most valuable asset.
The U.S. Department of Health and Human Services (HHS) reports that 58% of malware victims are small businesses. HHS advises that in the event of a ransomware attack, DO NOT turn the computer off or unplug it. DO disconnect it from your network and internet connection. The reason for this is so that valuable forensic information can be retained on its hard drive. If a computer is connected wirelessly, disable the Wi-Fi. Go to your computer’s settings or find the wireless icon in your toolbar. If the computer is connected by an ethernet cable, disconnect the cable from the machine. Ethernet cables are usually blue and look like a large phone connector.
Preventative measures are an effective antidote. Regularly back up your practice’s data. Test it with your IT support to be sure that it can be restored without error in the event of a disaster or ransomware attack. Ensuring employees are aware of the ways an attacker might gain access to your practice’s systems can also reduce the likelihood of a security incident or data breach. The most effective defenses include reminding employees to avoid clicking on links, downloading attachments in emails, and to verify that a recipient of protected health information is legitimate before sending.