News

University of Mississippi Medical Center

Ransomware Attacks Targeting Healthcare & Small Businesses

Less than two weeks ago most of the University of Mississippi Medical Center shut down due to a ransomware attack. Imagine if UAMS had to shutdown and what impact would that have on state healthcare. Many hospitals feed to UAMS when cases are complex or urgent. Where could we turn then?

We don't see much of ransomware being reported any longer. This is probably due to other impactful events going on in the world. However, ransomware is still around. It's more targeted and more costly than ever before. It may not be hitting as many big name organizations but when it does, it costs much more. It's targeting the smaller businesses and healthcare providers more frequently.

We've been building and bolstering defenses against ransomware for years now. We know it's not just a one-time and done thing. You must continue to monitor and tweak as time goes on. We watch the attackers and their tactics and make those adjustments across all our clients' networks.

What can you do to reduce the risk? Well, since you asked:

  • Keep those systems patched. ALL OF THEM! Workstations, servers, network devices, VPNs, etc.
  • Enforce MFA on anything that's accessible from the Internet. This includes email (M365, Google, etc.), business apps (ERP, EMR, HR, finance), and VPNs. Don't assume MFA is the silver bullet though. There are bypass attacks.
  • Implement strong phishing protection on your email service. The basics offered by the vendor just don't cut it any longer. Attackers pass right by them. Get something stronger.
  • Disable externally facing services that you don't need. Do you have a VPN that you don't use? Does your email service allow legacy protocols that you no longer need? Shut them down.
  • Move beyond just trying to prevent attacks and add detection measures. We can't stop all attacks but we can cut them off early if we can see them. This can greatly reduce the negative consequences of an attack.

If you've been putting off MFA, please just make the move now. And if this looks like alot of work, we'd be happy to help you get secure. Just give us a shout.