Ransomware: How to Minimize your Organization’s Risk
It’s no surprise to any employer that ransomware attacks are on the rise, making these destructive breaches a serious cause for concern. Attacks rose 158% from 2019 to 2020 in North America alone. Unfortunately, cybercriminals can easily access company data if proper measures aren’t in place. Read on for tips employers can use to mitigate the risk.
What makes a ransomware attack so destructive?
Ransomware is a type of malicious software that threatens to publish or block access to data or a computer system. An attack occurs when a cybercriminal encrypts an organization’s data and demands a ransom fee to decrypt the data. Employers are faced with a difficult decision because the data involved is crucial to the business and highly confidential. Attacks are not only costly but also harmful to productivity. On average, a ransomware attack disrupts an organization’s ability to do business for a little over two weeks.
Why are ransomware attacks on the rise?
There are a few reasons ransomware attacks have grown.
- Accessibility of cloud infrastructure, anywhere, anytime. Access to data from anywhere around the globe makes it easy for attackers to get into systems in the U.S. without being tracked and ultimately accused.
- A growing number of criminal organizations promoting ransomware-as-a-service (RaaS). This service acts more like a business with individual groups performing different parts of a ransomware attack. Each group ends up with a cut of the ransom.
- Vulnerable industries attract attackers. There are certain industries that cannot afford a disruption, such as food, transportation, and healthcare, which increases the likelihood of organizations paying the ransom.
How can employers prevent ransomware attacks?
While IT security teams play a large role in reducing incidents involving company data, we all play a significant part in helping to protect our organization’s data assets. Employers can take several steps to help reduce risk, starting with educating employees on the importance of following security protocols. Here are four tips employers can share with their employee populations to protect data.
- Always be mindful of what is being clicked on. Educate your employees on the harm an unknown, unsafe URL could cause. Employees should avoid clicking on URLs or opening attachments from unfamiliar entities. If you are ever unsure about an email, it’s better to be safe than sorry and share it with your security team for guidance.
- Avoid reusing or creating weak passwords. Reusing passwords between personal and work accounts can significantly increase the risk of a ransomware attack. Password manager applications can create complex passwords, eliminating the hassle of remembering them. It’s highly recommended to include special characters between words and numbers to strengthen passwords.
- Follow company protocols and be an active participant. It’s not unusual for your organization to have restrictions on certain things, such as blocking access to install software or certain websites, as these tactics provide protection from ransomware and many other types of attacks. Although updating software can be an inconvenience, it’s an important part of any organization’s defense and severely limits what attackers can do in an environment.
- See something, say something. If something doesn’t seem right, report it immediately to your security team. Early detection significantly reduces the impact a security breach has on an entire organization.
Premise Health’s security posture
Premise Health upholds a strong security posture given the nature of our business. Being HITRUST certified demonstrates our strong adherence to information security standards, and it is a certification we don’t take lightly. As a healthcare organization, we are the keepers of a significant amount of sensitive information, making it critical that we hold ourselves to the highest security measures. Mitigating our risk against ransomware attacks starts with strong support from the top down. Leadership buy-in allows our IT security team to implement defense-in-depth strategies, including:
- Strict web filtering policies to block traffic from regions known to distribute malware
- Endpoint protection to limit what an attacker can do in a system
- Email gateway filter which blocks and helps mitigate phishing emails
- Strong incident response team that responds to incidents that get past our controls
- Internal phishing program that leverages current trends and sends practice phishing emails to everyone in the company
- Continuing to look for ways we can further improve our security posture