The threat of ransomware dramatically increased in 2020, with security firm Check Point saying it saw a 50% increase in the daily average of ransomware attacks in Q3, as compared to the first half of the year.
In ransomware attacks, cyber-criminals hold your data hostage by encrypting it and demanding a payment for its release. 2020 has been a particularly challenging year for businesses when it comes to ransomware. As a result of the pandemic, many organizations have left gaps in their IT systems which are easier for cyber-criminals to exploit.
The cost of an infection can be very high—it will disrupt your business’ ability to perform work at the very least, as impacted systems are reinstalled from backup. For healthcare organizations, this lack of availability can have a human cost.
In some cases, viable backups may not exist (or may have been encrypted as well), leaving an organization with a difficult choice to make regarding risking paying such a ransom (which only encourages this ransomware “business model”). Worse, a recent trend has been the disclosure of captured data, not just destruction, in the case of unpaid ransoms.
Dimensional Insight’s preparedness
Dimensional Insight is well aware of the threat of ransomware. Our security office is actively engaged in protecting our own organization from this threat, as part of our overall information security program. This is important so we do not have interruptions that prevent us from providing service to our customers. Even more importantly, we do not want to become a malware vector into our customers’ organizations via e-mail, VPN access, or software that we release.
Here are two key elements of our strategy:
The first is endpoint protection. Employee devices are required to have anti-virus and anti-malware software installed. This software reports centrally to us so we can audit compliance and observe threats. OS and software updates are mandated and enforced.
The second, and equally important, is user education. While we can keep machines up-to-date, a security-conscious culture across the organization is required to keep our systems safe. We achieve this with both dedicated training sessions and with a segment during our all-hands meetings. These weekly information security updates and refreshers are brief and to-the-point. They raise and maintain awareness, serving as a constant reminder to be vigilant.
In addition, we conduct annual risk assessment audits, and our security team meets weekly to advance risk mitigation projects, plan user education, and respond to active threats in the ever-changing cybersecurity landscape.
Working together to combat ransomware
Guarding your own organization against ransomware is a significant task. For help with that, you may wish to consult online resources published by the Cybersecurity & Infrastructure Security Agency (CISA), a U.S. governmental agency, at https://www.cisa.gov/publication/ransomware-guide.
In terms of more specific cooperation between Dimensional Insight and our customers, communication and access auditing are essential to keep us all safe.
Dimensional Insight will:
- Advise customers of any security vulnerabilities found within software we release
- Advise customers of possible infected e-mail malware sent to your domain
- Advise customers of malware detections on endpoints which have VPN access to your network
- Advise customers of personnel changes requiring termination of access to your systems
Conversely, our customers should:
- Notify us of possible e-mail malware sent to our domain
- Notify us of malware detections on servers our staff can connect to
- Regularly audit VPN access granted to our staff, verifying access is still needed
- Regularly audit other resource access (e.g. DiveLine accounts), verifying access is still needed