The Cybersecurity and Infrastructure Security Agency (CISA) has released a fact sheet regarding protecting personally identifiable information (PII) from a ransomware attack.
Ransomware attacks have increased among healthcare organizations, especially during the pandemic. Cybercriminals have profited by using phishing emails and other threats to gain access to patient data, then demanding a high ransom to return the sensitive data.
The recent ransomware attacks have led the U.S. government to establish a task force to address the rise in cybercriminal activity. "Malicious actors increasingly exfiltrate data and then threaten to sell or leak it—including sensitive or personal information—if the ransom is not paid," the fact sheet explains. "These data breaches can cause financial loss to the victim organization and erode customer trust."
CISA recommends numerous safeguards to prevent a ransomware attack on an organization's network. The first recommendation is to maintain offline and encrypted backups of data. "It is important that backups be maintained offline as many ransomware variants attempt to find and delete or encrypt accessible backups," according to the fact sheet. It's also critical to reduce the risk of phishing emails reaching employees. CISA suggests enabling strong spam filters and training employees on how to recognize suspicious activity.
Other recommendations to prevent ransomware attacks include conducting regular vulnerability scanning, keeping software updated, and creating and maintaining a cyber incident response plan.
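The fact sheet's point about backups is that a copy reachable from the network can be deleted or encrypted along with everything else, so a backup is only worth something if you can prove it is still intact before you restore from it. The script below is an added example (not CISA's or Paubox's code) showing that check with the Python standard library: it hashes every file into a manifest when the backup is written, stores the manifest alongside the copy, and later compares the copy against the manifest, reporting files that are missing (deleted), modified (overwritten or encrypted) or unexpected. The sample records are constructed placeholders; keeping the copy and its manifest offline, and encrypting the copy itself, are operational steps the script assumes but does not perform.

```python
import hashlib
import json
import os
import tempfile
from pathlib import Path

# Constructed sample data standing in for a small PII store (not from the fact sheet).
SAMPLE_FILES = {
    "patients/record-001.txt": b"name=Jane Doe;dob=1980-01-02;mrn=000001\n",
    "patients/record-002.txt": b"name=John Roe;dob=1975-05-06;mrn=000002\n",
    "billing/invoices.csv": b"invoice,amount\n1001,250.00\n1002,75.50\n",
}


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 so large backups do not need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file under root (relative, POSIX-style path) to its SHA-256 digest."""
    return {
        str(p.relative_to(root)).replace(os.sep, "/"): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def verify_backup(root: Path, manifest: dict) -> dict:
    """Compare the backup on disk to the manifest recorded when it was written."""
    current = build_manifest(root)
    missing = sorted(name for name in manifest if name not in current)
    modified = sorted(name for name in manifest
                      if name in current and current[name] != manifest[name])
    unexpected = sorted(name for name in current if name not in manifest)
    return {
        "ok": not (missing or modified or unexpected),
        "missing": missing,
        "modified": modified,
        "unexpected": unexpected,
    }


def write_sample_backup(root: Path) -> None:
    """Write the constructed sample files as if they were a fresh backup copy."""
    for rel, data in SAMPLE_FILES.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)


def simulate_reachable_backup_damage(root: Path) -> None:
    """Constructed stand-in for what a network-reachable copy can look like afterwards:
    one file overwritten with random bytes (as an encrypting variant leaves it),
    one deleted, and one file present that was never part of the backup."""
    (root / "patients/record-001.txt").write_bytes(os.urandom(64))
    (root / "billing/invoices.csv").unlink()
    (root / "stray.bin").write_bytes(b"constructed placeholder\n")


def demo() -> tuple:
    """Return (clean_report, damaged_report) for the constructed backup."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "backup"
        write_sample_backup(root)
        manifest = build_manifest(root)
        # In practice this manifest travels with the offline copy, not with the live data.
        manifest_path = Path(tmp) / "manifest.json"
        manifest_path.write_text(json.dumps(manifest, indent=2))
        clean = verify_backup(root, json.loads(manifest_path.read_text()))
        simulate_reachable_backup_damage(root)
        damaged = verify_backup(root, manifest)
        return clean, damaged


if __name__ == "__main__":
    before, after = demo()
    print("fresh backup verifies:", before["ok"])
    print("damaged backup report:", json.dumps(after, indent=2))
```

The manifest only proves something if an attacker who reaches the backup cannot also rewrite it, which is why it belongs with the offline copy rather than next to the live data; a restore procedure that runs `verify_backup` first and refuses to proceed on anything other than `ok: True` is the practical form of the fact sheet's advice.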
The fact sheet notes that "organizations storing sensitive or personal information of customers or employees are responsible for protecting it from access or exfiltration by malicious cyber actors." CISA recommends that you:
In the event that your safeguards fail to prevent a ransomware attack, CISA recommends executing your cyber incident response plan to secure network operations and prevent further data loss. The following steps should also be taken:
CISA discourages organizations from paying the ransom demanded by cyberhackers. "Paying a ransom may embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or may fund illicit activities," says the fact sheet. "Paying the ransom also does not guarantee that a victim’s files will be recovered."
One of the most common ways that ransomware infiltrates a system is through phishing emails. Humans are prone to making errors, which makes email a convenient access point for cyberhackers.
Paubox Email Suite Plus is the email security solution for protecting your network against ransomware attacks. It offers robust inbound security tools that prevent threats like phishing emails from even entering an employee's inbox. Instead, malicious messages are quarantined for further review.
It also includes our latest patent-pending security feature, Zero Trust Email, which requires another layer of verification before any email is delivered. Paubox also encourages HIPAA-compliant email by sending encrypted emails by default. Your employees will be able to use it easily since it integrates seamlessly with your current email provider, including Google Workspace and Microsoft 365.