With the announcement last week from the Department of Health and Human Services (HHS), Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) on the ransomware known as Ryuk/Trickbot, hospitals and health care organizations are now looking towards how they can quickly respond to this new wave of cyber-attacks with concern that the group may deploy malware to hundreds of hospitals over the next few weeks.
Once the announcement was made the CynergisTek team took quick action with the following steps:
1. Communicating with Clients: Executive Briefings
CynergisTek conducted two executive briefing calls with our clients and outlined the steps organizations should take now, in 30 days, and in six months. CynergisTek’s service and tool agnostic approach helped more than 150 CISOs, CIOs, and CEOs understand the immediate action to take including:
- Network Segmentation
- Privileged Access Management Audit or Technology
- Multi-factor Authentication
- Endpoint Detection & Response Technology
To learn more, both executive briefing calls are available to view:
2. Raising Awareness: News Coverage
Numerous news organizations reached out to CynergisTek for our insight into how providers should take action and what this could mean to the future of healthcare.
Caleb Barlow, CEO of CynergisTek spoke with SC Media about the recent FBI/CISA advisory, the imminent cybercrime threat to U.S. hospitals and healthcare providers, and the challenge’s healthcare organizations will face, especially during the COVID-19 pandemic. Caleb discusses the first known hospital death linked to ransomware and how this ransomware attack is placing hospitals under more strain due to the pandemic.
Caleb poses to SC Media “Imagine a scenario where a hospital treating COVID-19 victims and other patients is hit with a severe ransomware attack. What might that look like? What chain reaction of chaos and confusion might it cause?”
Early on as the news was breaking Caleb spoke with CBS San Francisco – KPIX 6 to explain how hackers are attempting to take down hospitals and the scope of the problem. “That payload moves across the organization quickly, locking up computers as it goes. And within a matter of hours that entire IT infrastructure is down”.
With this in mind, healthcare organizations are now looking towards how they can better prepare themselves and build a more efficient strategy against ransomware attacks in the short term and for the future.
When speaking to TechTarget last week, Caleb discusses how healthcare CIOs can prepare their organizations “This should be the rallying call to say, ‘Look, this is the next crisis we’re dealing with, just like we dealt with PPE and masks and ventilators,'”.
3. Contributing to the Industry: KLAS Research
KLAS spoke to Caleb recently, where they posed three questions on how hospitals should safeguard their databases. Caleb breaks down strategic actions that the healthcare sector should follow in light of the recent ransomware attacks immediately and gives suggestions on what to do now and in the future.
While speaking with KLAS, Caleb states that conducting a compromise assessment, developing a runbook and business continuity plan for ransomware, and conducting a full audit of all privileged users and access levels are his top three recommendations for health systems to implement immediately.