[ Friday, June 30, 2017 ]


Petya Cyberattack: A rural West Virginia hospital is one of the headline victims of the most recent ransomware iteration, known as Petya (which follows closely on the heels of WannaCry, which had a built-in escape hatch that prevented it from causing too much damage).  How do you protect yourself:

Don't pick up the virus.  Easier said than done, but you can go a long way just through education of your staff.  Almost all of these ransomware attacks come via phishing emails.  Don't click, and teach your staff not to click.

Be prepared in case you get hit.  If you do pick up the virus (and even the best-protected businesses could be a victim), there's still hope, as long as you're prepared in advance.  That means you should do the following ASAP:

  1. Have good, constant, regular and redundant backups.  If you're hit by ransomware and all your data is encrypted, but you can pull an exact second copy of the same data off the shelf, all the cyberattack will cost you is time and a little frustration.  But make sure your backups are structured so that you don't end up deleting a good backup and making a backup of your already-encrypted data.
  2. Practice patch management.  Some viruses are "zero-day" viruses, and you might be unlucky to get hit through a vulnerability that hasn't been patched yet.  That is extremely, extremely unlikely, but if it happens, you should still be OK if you've done good backups.  Most likely, there is a patch available for whatever vector the next ransomware wave exploits, and if you install patches regularly and aggressively, you'll likely avoid being a victim.
  3. Map your network.  If you get hit, you'll need to find out where it came in so you know where to start the cleanup.  But before you get hit, mapping might uncover some breaches in your defenses that you can fix now, and that, in and of itself, might prevent you from being victimized.
Be careful out there, and be prepared.  

Jeff [10:03 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template