Ransomware — Protecting Yourself From 4,000 Attacks per Day

Ransomware is malicious software that gets installed by cybercriminals who take over your system and hold it “hostage,” demanding ransom to give you back access to your critical data. This happens 4,000 times a day — and the pace is growing. The healthcare industry is a common target for this kind of attack, because of the sensitivity (and therefore value) of the data, as well as the frequently lax defense in IT systems in healthcare businesses. It is therefore especially important for a healthcare business to understand the threat and some ways that you can protect your business.


The Health Insurance Portability and Accountability Act (HIPAA) requires healthcare businesses take numerous security measures to ensure that patient information is not compromised. Step one is a security management process with a risk analysis to identify threats and plans to implement measures that address those risks. It also includes procedures to detect and defend against malicious software, which is where ransomware enters the equation. There are many types of cyberattacks, and ransomware is one of the worst. HIPAA-compliant IT systems defend against ransomware, and some of the key strategies are outlined below.

Back Up Your Data

The threat of ransomware is based on losing access to your data. If you have frequent back-ups and test the system often to verify the security of backed-up data, the threat of ransomware is diminished. It might also decrease the change of being a ransomware target in the first place, if the cybercriminals see that your system is robust in that regard. Having an offline back-up system (rather than just one on a connected network or in the cloud) also has advantages, since it can’t be reached by conventional attacks. There is usually lower hanging fruit elsewhere if you have a resilient back-up system. Another key part of a broader back-up plan is to have business continuity plans in place. If your systems are attacked, you should have mechanisms in place to be able to continue your business. (This is true for fires and natural disasters too, not just cyberattacks.)

Spotting the Threat

Too often, a business doesn’t know that it is being attacked until its data is encrypted, and the hacker sends you the electronic equivalent of a ransom note. The first line of defense is with the workforce of that business, so HIPAA requires employees to be trained in detecting and reporting malware such as ransomware. If the early indicators are spotted and the team reacts quickly, the damage can be minimized. One of the signs is an increase in the activity of a computer’s CPU or hard drive that doesn’t correlate to the legitimate business functions. Another is certain files becoming inaccessible as the ransomware progresses through the content on your system. Also, most people know not to open unknown attachments or click on suspicious links, but hopefully, they also know enough to do something about it if they do inadvertently let malicious software get into the system.

How to React

If a healthcare business does discover an attack, it must immediately start its security incident and response procedures. This includes a thorough determination of the scope, origin and status of the attack, plus a sequence of recovery procedures according to the documented plan. Clearly, this is a serious situation, and it often works best to let an IT service specialist with expertise in HIPAA issues create and manage the plan. Do whatever you can to minimize the chance of being one of those 4000 daily victims.

QualityIP is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks and news, whether it is ransomware or any other IT issue. Contact us at (330) 931-4141 or send us an email at [email protected] for more information.