Manufacturing remains the industry most commonly targeted by ransomware criminals, but healthcare is gaining fast. One recent report showed attacks in the medical sector up 650% this year over last.
In an educational session at RSNA 2022 on Monday, two experts cited the sobering statistics and offered some surprisingly easy ways to thwart bad actors who may eye poorly prepared radiology practices as easy paydays.
Former FBI special agent and chief of strategic initiatives David Miller, MPA, who now works as chief administrative officer of Imagine Software, was joined by Barbara Rubel, MBA, senior VP of business development at MSN Healthcare Solutions.
Noting that cybercriminals have learned to sidestep law enforcement by marketing “ransomware as a service” for a price on the Dark Web, Miller suggested occasionally asking desktop support staff “a little about what you’re up to today.”
This modest workplace interaction “can help you get a better understanding of the things [your IT people] are doing to protect your data,” Miller said. “It also may identify some areas that you want to follow up on with management.”
Of course, such strategic chitchat won’t do much if it isn’t part of a broader and more regular communications process, Miller suggested. Equally important is maintaining open lines of information exchange with IT leadership.
“They love talking about what they’re doing,” Miller said. “Ask them to share how they protect your data—and then ask for some proof. Say, ‘Hey, can you show me our patching policy?’”
Other requests might be for policies and practices around password refreshing, server updating and the like.
“From a leadership perspective, this [kind of banter] gives you peace of mind,” Miller said. “Ultimately, it really is up to the folks on the front lines of cybersecurity to protect your entire organization. Having them show you what they’re doing is pretty powerful. I highly encourage it.”
Cellphones as hard-to-penetrate shields
Asked by an attendee how to use social media without inviting prying eyes, Miller assured the audience that he too uses the platforms for personal as well as professional purposes.
“Learn about the settings for each account”—Facebook, Twitter, LinkedIn, Instagram, YouTube—“and then tailor those settings according to what you believe your risk level to be,” he said.
Miller advised refraining from listing any more contact information than necessary to do your job. Along those lines, a sales director may not feel free to omit his or her email address or phone numbers from LinkedIn. But nearly all others should consider restricting that kind of info to one-on-one channels.
Cellphones, for example, are now used to log into all manner of password-protected domains, including well-defended apps.
“Cellphones are fairly personal devices, and there are web tools that can protect them,” Miller pointed out. “You might use Google Voice, Skype or any number of web-based phone services that let you text. Some are free, some cost money. But if you don’t have a business [landline] and you’re looking for a way to better leverage your personal cellphone, one of the paid services could be worthwhile.”
The FBI: Your anti-ransomware ally
Another session attendee asked how to know when to contact law enforcement with concerns about a possible ransomware attack.
“As a former federal agent, I recommend getting to know state or local law enforcement through some sort of community association,” Miller said. “This is especially smart if you’re in a leadership position” within your healthcare provider organization.
Meanwhile it can’t hurt to have a number handy for the FBI and the Department of Homeland Security, Miller offered.
If you do get hit with a ransomware attack, you’re wise to alert a federal agency sooner rather than later, he said.
“The FBI has resources available,” Miller noted, adding that the agency has been collecting insightful data and is generally willing to share it with fellow stakeholders as needed.
“Your call to the FBI about ransomware is, in many ways, a simple business call,” he said.