Citing the increasing frequency and growing sophistication of
attacks, the FBI Cyber Division recently released a statement describing common ransomware events
and tactics, and recommending protective actions. After several
notorious incidents in 2015, the FBI anticipates growing use of
ransomware in 2016 and beyond. A single infection can cripple an
organization by encrypting data on local drives, connected hardware
and backup drives, and even other computers on the same network,
all before users are aware of the attack. The FBI does not support
paying ransom in response to an attack. The agency recommends that
organizations focus on prevention and mitigation plans to protect
themselves and their customers' data.
The risks of cyberattack are particularly prevalent in the context
of digital health records. For example, in two recent ransomware
attacks in the health care industry, at Hollywood Presbyterian
Medical Center in February and MedStar Health in March, hackers
disabled access to computer systems for several days. The question
is when, not if, your organization will be a victim of a successful
cyberattack. Organizations should review their protocols in light
of this FBI statement and review and revise, as necessary, their
protocols for avoiding and handling malware attacks.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
