Worried You’ve Got Ransomware? Here’s What to Do Next
If you’re worried you’ve got ransomware, you would not be alone:
- A single hack of Anthem in 2015 compromised the medical information of over seventy-eight million customers
- There were three data breaches in 2017 that affected more than 1,000,000 individuals’ medical records
- There were eight more data breaches in 2017 that affected upwards of 100,000 individuals’ medical records
- There were over 300 total hacks last year alone
All of these numbers come directly from HIPAA. Breaches have affected small providers, larger health organizations, and a variety of insurance companies over the last few years. All of which begs the question – what do you do after some sort of breach?
We’ve gathered a few best practices, but it’s important to work with your IT department or vendor to have a specific plan in place before a breach occurs.
1. Alert Your IT Department
First and foremost, it’s important to be calm and avoid panicking when ransomware strikes. Alerting your IT vendor or IT department should be the first thing on your mind, so they can take immediate action to halt the cyberthreat and isolate the incident.
While it might be tempting to shut down or restart your computer and hope the issue gets resolved, you may be making the problem worse without knowing it. Your experienced, professional support is ready to help instead – and they’ll know just what to do.
2. Seclude Your Computer
If your device is connected to the internet via an ethernet cable, make sure you remove the cable immediately. If you are connected wireless, disconnect from your WiFi. Any attached storage drives, such as a USB drives, should be pulled out as well. It is critical that your computer is not associated with the company’s network in any way, as the malware can easily spread.
A computer with malware that is connected to your network can affect other devices. Make sure you take your affected device offline to avoid contaminating other computers and data.
3. Keep Your Computer Turned On
Do not turn off your computer when ransomware strikes. While this may be tempting, turning off your device may trigger a loss of important data or even evidence of the crime. It may also potentially remove important information you could use to decrypt files, and there is a chance that your device may never turn back on again.
Make sure you don’t take this risk. Leave the computer on until you have spoken with your IT professional, so you can share specifics of the attack and get better advice on the specific concern. This is the best way to get your computer – and data – back.
4. Restore from a Backup
To best protect your data, it is important to have a back up of key patient data and files. Backups completed regularly mean you can essentially revert back to before the ransomware attack and access a safe, unaffected copy of your information. With services like cloud hosting, your data is stored in the cloud and backed up daily in case of disaster or cyberattack. Once you have addressed the cyberattack with your IT team make sure to restore your data from the most recent back up.
Do not handle this step alone. Ask for professional guidance and IT support to restore the right files. If you don’t have a current backup process, speak with a cloud hosting professional on the best ways to protect your data.
Working with an IT vendor you can trust, who has the right security suite and proven track record, can help your practice stop ransomware attacks even before they happen. Call the experts at DAS Health at (813) 774-9800 to learn more.
Affordable Care Act (ACA)
chronic care management
Doctors Administrative Solutions
electronic health records
Health Information Exchange (HIE)
Merit-based incentive program
quality payment program