Posted by: Heather Shy on April 26, 2019 at 8:00 am
A western Michigan medical practice is shutting down after a ransomware attack.
We have one question: Where were the backups?
Let’s review the events, and what the doctors did right — and wrong.
The attack: Hackers encrypted the practice’s billing and scheduling systems, and all patient records. Then, they demanded $6500 for the access code. This seems like a fairly typical ransomware attack. The requested amount may vary, but the demand is the same: “We locked your files. Pay up or you lose them.”
The response: The doctors refused to pay the ransom. Potentially, this is the best course of action. Paying the ransom does not guarantee that the hackers will provide the decoding key. Also, giving money to hackers definitely encourages the same behavior and pays for more hacking. The FBI also recommends not paying ransomware demands.
In this case, however, it didn’t work out so well for the doctors involved. Why not?
The result: According to one of the doctors, all of the practice’s files, “including appointment schedules, payment and patient information [were] erased.”
Now, the two doctors are facing forced retirement rather than trying to rebuild their database from scratch. The final day for the practice is April 30.
Not exactly the outcome they were expecting, we’re sure.
Wait. Where Were the Backups?
“But wait!” you might ask, as a knowledgeable reader of this blog. “Where were their backups?”
Well spotted, reader. We found no mention of a data backup system in any of the news stories about this attack. That’s why not paying the ransom was a bad idea in this case.
If the doctors partnered with qualified IT experts, they possibly could have:
- Ensured that copies of their patient files, billing and scheduling records were readily available.
- Prevented attacks with a firewall, email filters, and cybersecurity training for the staff.
- Shut down the attack while still in progress. If caught in time, IT pros can “pull the plug” on an attack, preventing some files from encryption.
- If an attack still occurred, quickly restored patient files, billing and scheduling records, requiring little — or even zero — rebuilding of records.
The lesson is this: You must have a data backup system and protection plan in place before ransomware hits. Then, you can tell hackers to “get lost” with no loss to your business or medical practice.
Are your patient records and billing data backed up? Are you ready for an IT expert to review your system for security weak points and help you develop a plan to strengthen your network? If so, call TAZ Networks today.