We hear routinely in the news that a major corporation or government agency has had its data integrity compromised, with millions of pieces of personal data accessed. In these cases the criminals behind the attack hope to get money by selling that data to other criminals. In the case of ransomware, the criminals want your money, and try to get it by holding your data hostage. Plain, old fashioned kidnapping with a hi-tech spin.
What can you do to avoid falling victim?
Prevention is the best cure. Follow standard “data hygiene” principles that you probably hear about all of the time. Update your OS, software, and apps whenever a new release or patch is released. Do this ASAP. Some patches may be released solely as a result of the discovery of a vulnerability. Watch out for phishing scams. If anything looks “off” about an email, don’t open it. And never open links you aren’t totally sure of. If unsure, send an email back to the sender to verify they actually sent you a link.
The most important thing you can do to make sure your data cannot be held ransom is strictly adhering to a regimen of backups. Routine backup your data. However, even backups may not be foolproof. If your data has been infected and you are unaware of it, or the backup is not segregated from your network, your backups may also be corrupted. Given the severe consequences of a ransomware attack to a small medical practice, consider having a security evaluation done by a managed service provider who will have the security expertise to advise on the best backup protocols for your situation.