Imagine how hard it would be to do your job if you could no longer login to the systems you use every day! What would you do if you couldn’t access your patients’ information? How would you properly care for your patients? That’s what happens when hackers conduct a successful ransomware attack. Data is held hostage until the ransom demand is paid.
In a recent ransomware attack impacting over 100 nursing homes, the ransom demand was $14 million in bitcoin. Very few businesses can afford that large of a ransom and the FBI does not recommend paying ransoms as it only encourages this bad behavior. In this instance, a third party IT vendor called Virtual Care Provider Inc. (VCPI) providing data storage and other IT services for the nursing homes was the target of the attack. 1In an interview with KrebsOnSecurity today, VCPI Chief Executive and Owner Karen Christianson, said the attack had affected virtually all their core offerings, including internet service and email, access to patient records, client billing and phone systems, and even VCPI’s own payroll operations that serve nearly 150 company employees.
Phishing emails are the most common mechanism for the delivery of ransomware. Clicking on a link or opening an attachment within a ransomware phishing email triggers the infection resulting in encryption of data. This is the reason it is so important for anyone using email to be cautious and heed the red flags such as below.
- Be suspicious of unsolicited or unexpected email messages from individuals asking for sensitive information like User IDs and passwords. Contact the individual by means other than email to confirm the validity of the request.
- Never click on links or open attachments in suspicious emails. (Tip: Hovering your mouse over a link will reveal the destination of where the link would take you. If that destination is different than what’s shown in the email, do not click it.)
- Never enter your User ID or password on a web page unless you are 100% sure the page is legitimate.
- Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).