10 Steps to Take When (Not If) You’re Hit With a Ransomware Attack

10 Steps to Take When (Not If) You’re Hit With a Ransomware Attack

Ransomware. It’s become an almost weekly headline in the healthcare industry. Hospitals in California, Washington, D.C., Texas, and other areas of the country have found themselves at the mercy of hackers who can completely paralyze the IT infrastructure. What’s at stake? Patient care, Protected Health Information (PHI) of countless patients and reputation of the hospital. Phishing seems to be the main mode of attack, meaning that the opening of a single seemingly harmless email could put a healthcare organization on the hook for thousands, maybe millions of dollars if they don’t comply with the hacker’s demands. That cost doesn’t even include the possibility of severe HIPAA fines if any PHI is compromised.

 

Taking Action Against Ransomwaretaking action against ransomware

As a health IT professional, what can you do if faced with a ransomware attack? Swift and immediate action must be taken as time is of the essence. Below are step-by-step instructions that your team should follow to limit the amount of damage caused by ransomware:

 

  1. Turn off Internet access through Firewall including VPN access.
  2. Disconnect the email server, then find and remove all ransomware emails.
  3. Lock all User Accounts on Active Directory so that users can no longer access the computers to block spreading of ransomware.
  4. Use Cloud-based Secure Texting service on Personal Smartphones to carry on care coordination. Use Texting, Images, Audio and Video to start collaborating on patient care to reduce errors in the absence of access to EMR.
  5. Ask clinicians to create secure texting conversation threads around patient names.
  6. Expire all Passwords (most importantly the IT Admin Passwords).
  7. Reimage computers infected by Ransomware.
  8. Turn on Active Directory and allow access to EMR internally.
  9. Turn on Internal access through Firewall.
  10. Finally, sync all patient-centric conversations from the Secure Texting service with EMR.

 

While containing and eradicating the ransomware, use the broadcasting feature of your secure texting service to update every one of the current statuses.

 

Are You Prepared for the Next Ransomware Attack?

If you need any help with establishing a Secure Texting Command Center for your healthcare organization, please do not hesitate to contact QliqSOFT. If you would like to learn more about how secure texting can be used as a disaster preparedness tool, schedule a free 30-minute demo HERE.