Healthcare professionals are performing heroics on a daily basis, working to the point of exhaustion and putting themselves in harm’s way as they try to save as many patients as possible. We applaud them every day in communities around the world with displays of our respect and gratitude.
However, some malicious actors view them and their organizations as targets and have used the COVID-19 pandemic as a catalyst to ramp up their efforts to cause harm. Email is still the access vector of choice for attackers, as malicious actors serve up cleverly crafted emails that feed on our fear of the unknown and our desire to be informed. Many of those emails are scams, and others deliver something even more nefarious: ransomware.
What is ransomware?
Ransomware, a common threat faced by healthcare organizations, is malicious software that covertly encrypts your files so you are unable to access them, then demands payment for their safe recovery.
In the best of times, organizations can roll out elaborate awareness campaigns and track training to gradually build a solid prevention program. While these are very important elements of any security strategy (and should be pursued), we are not currently in the best of times. Healthcare professionals and the teams dedicated to supporting them have less time now to scrutinize each email they receive. They need more technical controls to help prevent attacks, and they need the right detection and response tools and processes to help identify problems and remediate them before they disrupt the vital functions of medical treatment.
