The last decade has seen some incredible advances in healthcare, owed largely to the ability to diagnosis, treat, and track disease and illnesses virtually. We can dial-a-doc to Zoom with our primary care doctors, mail away our samples, and have prescriptions e-mailed to our pharmacy, all because our records, test results, and medications are housed on-line.
But, with these momentous steps forward come potential risks to our privacy and data integrity. Most recently, a ransomware group of hackers known as the Hive has set its sights on the United States’ healthcare sector. The Hive uses traditional ransomware tactics like phishing, phone calls, and the exploitation of remote networks and even VPNs to steal data from people at their most vulnerable. Worse still, they preempt users’ best practices by deleting shadow copies, backup files, and system snapshots so that when documents and personally identifiable information (PII) is stolen, they have no backups available. At that point, patients and healthcare groups feel there is no alternative but to pay a ransom.
The Health Sector Cybersecurity Coordination Center (HC3) says that healthcare organizations and individuals do have some tools in their arsenal to defend against such attacks:
- Supercharge your passwords. Choose strong, difficult to guess passwords and strengthen them further by requiring two-factor authentication.
- Monitor and fortify VPNs. With so much remote work, VPNs help employees remote into an office network, but it’s not a perfectly secure solution. Healthcare companies should consider hiring an accountable third-party VPN management system, and individuals should tighten up their VPN security by setting strong passwords, enabling a network lock, and setting up a kill switch.
- Adhere to the 3-2-1 Rule. HC3 recommends backing up data in three different locations, on at least two forms of media, with one stored offline.
The old adage goes that you’re nothing without your health. Make sure that while you’re taking good care of your health, you’re also taking good care of your online healthcare footprint!