A hacking collective known as Blackcat, and also going by ALPHV, has claimed responsibility of a February attack that affected the Change Healthcare system which led to widespread disruptions for healthcare providers processing bills, claims, payroll, and prescriptions for several weeks. The UnitedHealth insurance Group confirmed that a ransomware attack earlier in the year affected the private data of over 100 millions customers.
Change Healthcare told OCR on October 22nd that it had sent their users about 100 million individual notices regarding the breach of customer data. Customers were made aware of what the stollen may have contained.
Stolen Information may include:
- Health insurance information (such as primary, secondary or other health plans/policies, insurance companies, member/group ID numbers, and Medicaid-Medicare-government payor ID numbers)
- Health information (such as medical record numbers, providers, diagnoses, medicines, test results, images, care and treatment)
- Billing, claims and payment information (such as claim numbers, account numbers, billing codes, payment cards, financial and banking information, payments made, and balance due)
- Other personal information such as Social Security numbers, driver’s licenses or state ID numbers, or passport numbers.
How Can You Stay Protected from Ransomware
Ransomware attacks are one of the most malicious cyber threats facing individuals and businesses today. This type of malware locks you out of your data by encrypting it and then demands payment in exchange for the decryption key. However, paying the ransom does not guarantee you will regain access to your data and only fuels future attacks. Instead, the best way to protect yourself from ransomware is by implementing preventive measures and creating a robust data recovery strategy.
- Keep Active Backups
An effective way to protect against ransomware is by maintaining active backups. These backups should be taken frequently and stored separately from your primary system. If ransomware strikes, you’ll have a recent copy of your data to rely on, reducing the need to pay or negotiate with attackers. Ensure your active backup system is set to automatically capture regular snapshots of your data and that these backups are tested periodically. Testing your backups is essential; it verifies that your data can be recovered without issues, and that the system is functioning as expected.
- Implement Redundant Backups
Redundancy in data backups adds a layer of security against ransomware attacks. Storing backup copies on multiple devices and locations—known as redundant backups—ensures that even if one backup is compromised, you still have a fallback. For example, you can keep backup copies on external hard drives, separate servers, or Network Attached Storage (NAS) devices. Keep these devices disconnected from your main network when not in use to prevent ransomware from infecting all backups at once. By adding redundancy, you minimize the chances of complete data loss, regardless of how severe the attack is.
- Utilize Cloud Backups
Incorporating cloud backups into your data recovery strategy provides an offsite storage option, which is highly secure and accessible from virtually anywhere. Many cloud providers offer automated backups with robust encryption and security features that can safeguard data from ransomware. The cloud’s version control capability also allows you to restore files to a specific point in time, meaning you can revert to an unencrypted state if ransomware affects your data. Cloud backups are typically managed by dedicated professionals, offering a highly resilient and reliable option for your data.
Additional Steps for Prevention
- Regular Software Updates: Keeping your systems up-to-date is crucial, as many ransomware strains exploit unpatched vulnerabilities. Regular updates reduce your exposure to attacks.
- Managed Detection and Response (MDR) Tools: The biggest difference between MDR services and the traditional antivirus-based security is that MDR is proactive, and antivirus is reactive. Generally speaking, antivirus systems rely on signature detection, where different variants of malware have their own fingerprints, which the systems then look for.
- Email and Web Filtering: Since phishing emails are a common delivery method for ransomware, invest in email and web filtering tools to reduce your exposure to malicious links and attachments.
- Employee Training: Educate your team on ransomware risks and encourage best practices like avoiding suspicious links, double-checking email addresses, and only downloading attachments from trusted sources.
Ransomware can be devastating, but it doesn’t have to result in total data loss. By actively maintaining backups, implementing redundancy, and using cloud-based storage solutions, you create a robust defense against these attacks. Prevention steps, combined with a well-planned data recovery strategy, not only protect your valuable information but also ensure quick recovery with minimal disruption if a ransomware incident occurs. If you’re interested in learning how you can partner with a Managed IT Provider like Natural Networks to help you defend from Ransomware and other malicious cyber-attacks, give us a call today!
