You are on page 1of 8


Overview Ransomware People Process Detection Call to action

& Impact

Produced in partnership with

Know, Protect,
and Recover
Standing Strong
in the Fight Against
Sponsored by
Overview Ransomware People Process Detection Call to action
Overview & Impact

Ransomware: the emerging threat

While malicious organizations out
of systems is much Hospital Declares Internal
cyberattacks are State of Emergency After
uglier because it
nothing new, the Ransomware Infection
can have a really
nature of the beast detrimental effect Click here for more information.
has changed, as on patient care,
cybercriminals now are deploying said Rick Bryant, ransomware to hold healthcare
ransomware any type of Healthcare organizations hostage.
Practice Manager High-profile ransomware cases such
malware that restricts access to a
at Veritas as the attacks that occurred at Hollywood
computer system or data until a Technologies LLC. Presbyterian and MedStar Health in early
payment is made to bring
organizations need Imagine 2016 have brought attention to the fact
operations at healthcare to know exactly
if a patient is that healthcare organizations cant sit idle
organizations to a grinding halt. brought to an but instead must begin to manage their
where their critical
As a result, leaders need to work emergency data in a manner that makes them less
patient information
department and vulnerable to intrusions.
harder than ever before to tame is, so they can the clinicians cant Healthcare organizations need to
this rabid threat. better protect it. get access to his know exactly where their critical patient
Getting into healthcare systems and Rick Bryant records and give information is, so they can better protect it,
stealing data to sell has a negative impact him a drug he is allergic to. There are Bryant said. Its not like other industries
on patient privacy, but locking healthcare some very real patient care implications. where you might not be able to process an
Unfortunately, as healthcare order if a criminal is holding information
Crash Course In organizations have become increasingly ransom. In healthcare, you could be putting
Modern Day Ransomware reliant on information technology, human lives at risk. n
cybercriminals have realized and
Click here for more information.
exploited the fact that they can use

Know, Protect, and Recover: Standing Strong in the Fight Against Ransomware 2
Overview Ransomware People Process Detection Call to action
Ransomware & Impact

Ransomware goes rogue and rampant

While ransomware for 36 percent of
the ransomware As ransomware attacks spread,
has been in health system hit by phishing
used, according to
existence since
a report from Click here for more information.
the late 1980s, Symantec.2
it has become Crypto encrypts sophisticated technology than many
much more sophisticated, the data that healthcare organizations, said Greg
prevalent and difficult to control resides on Carter, Healthcare Technologist at Veritas
computers and Technologies LLC. Healthcare
in recent years.
devices, rendering organizations struggle with having the
The AIDS Trojan, first-generation malware Healthcare it useless by technical skills to defend their data.
introduced in 1989, was relatively easy to organizations end-users. The After all, their business is patient care,
overcome, as victims were able to use first instance of not technology.
struggle with
tools to decrypt the affected data and this type of Healthcare organizations, however,
having the technical
restore their systems quickly.1 ransomware, can reduce their risk by identifying what
skills to defend
Fast forward to today, and cybercriminals which now information needs to be protected and
are using more sophisticated and potentially
their data. accounts for 64 therefore, becoming less vulnerable.
dangerous forms of ransomware. Greg Carter percent of the With solutions such as Data Insight from
Locker, which locks out end-users from ransomware used today,2 appeared in Veritas, for example, organizations can
accessing computers or devices, accounts 2013 in the form of CryptoLocker, a identify where all critical unstructured data
ransomware Trojan that generated a resides and then move it to a safe
Hackers hit another 2048-bit RSA key pair and was spread location or encrypt it. n
hospital with ransomware, through email attachments and drive-by REFERENCES
encrypt four computers downloads from infected websites.1 1. Your Money or Your Life Files, 2016.
2. Symantec. The Evolution of Ransomware, August 6, 2015.
Unfortunately, hackers are better
Click here for more information.
resourced and, therefore, deploy more

Know, Protect, and Recover: Standing Strong in the Fight Against Ransomware 3
Overview Ransomware People Process Detection Call to action
People & Impact

Prepared to prevent, ready to restore

While ransomware
targets computers,
it takes a human
touch to prevent
such attacks.
People are the ones using the system.
It is through people that ransomware is
spread throughout an organization, Bryant
said. The attackers are sending phishing
emails or bad URLs or posting malvertising succumb to cybercriminals threats. from other attacks. For instance, they might
on legitimate websites.So, it is the people The cultural stigma of being hacked stage the ransomware attack while another
who you have to educate on what to do shouldnt be any more of an event than a attack is redirecting pharmaceuticals.
and what to look for to halt ransomware. hard drive crashing. It happens and its So, they might have a shipment of
Your people must be continually educated disruptive, but if staff members can narcotics redirected to one of their
on how to avoid malicious attacks that will confidently call their IT department and hotspots, so they can sell drugs. Thats
put their organization at risk. know that they will be up and running where the real money might come in for
Perhaps most important, staff members within a few hours then they dont even the cybercriminals, Bryant said. But if
need to have confidence in their ability to have to try to negotiate with criminals healthcare organizations have confidence
restore their systems so they wont easily and put their organization at a bigger risk, in their ability to recover, then they wont
Bryant said. have to fall prey to such schemes. n
Tips for protecting hospitals Such confidence in the ability to recover
from ransomware as can help organizations carry on, even as Crash Course In
cyberattacks surge ransomware attacks become more malicious. Modern Day Ransomware
Click here for more information. Cybercriminals are starting to stage
Click here for more information.
ransomware attacks to divert organizations

Know, Protect, and Recover: Standing Strong in the Fight Against Ransomware 4
Overview Ransomware People Process Detection Call to action
Process & Impact

Sound information governance

Its good to hold
NIST Framework
valuables close to
the vest while trying Click here for more information.

to protect them. initiatives, organizations can then develop

But doing so is an sound security processes by drawing
exercise in futility if you dont guidance from published documents such
know where valuables are located as the NIST (National Institute of Standards
and Technology) CyberSecurity Framework.
or if you have too many to carry.
With such a framework serving as an
According to Veritas recent report, The overall guide, healthcare organizations can
Databerg Report: See What Others Dont, continually weave best practices into their
many healthcare organizations are creating processes. For example, they might want
unwieldy databergs that make it difficult to adopt a defense in depth strategy as a
to get a handle on exactly what needs to best practice.
be protected. These databergs consist of: Defense in depth goes back to a military
Business Critical Data This is data identified as vital to strategy that has multiple lines of defense,
the on-going operational success of our organization. Read the Databerg Report Bryant explained.The concept is that
We need to protect and proactively manage business
critical data.
Click here for more information. there is a multi-layered approach.So, if
Redundant, Obsolete And Trivial (Rot) Data This is
data identified as Redundant, or duplicate, data, attackers penetrate one layer, there is
Obsolete, no longer having business value, and Trivial To avoid spiraling future data manage- another layer that will block them. n
data with little or no business value for us. We need to
proactively minimize ROT data by securely deleting it on ment costs and the risk of sweeping sanc-
a regular basis. tions, US organizations need to take action, Veritas Information
Dark Data This is data whose value has not yet been
identified. It may include vital business critical data as well now, and reduce their Databergs. Governance Solutions
as useless ROT data. Either way, it consumes resources.
After determining what needs to be
We need to explore and assign dark data, as either ROT Click here for more information.
or business critical data, as soon as practical. protected through information governance

Know, Protect, and Recover: Standing Strong in the Fight Against Ransomware 5
Overview Ransomware People Process Detection Call to action
Detection & Impact

Technology: driving strategic

data management
Electronic data is appropriate storage area or encrypting it.
NIST Cyber Security Framework With these tools, organizations can finally
growing at an
Click here for more information. understand the difference between the
data that is needed to drive the
rate in the In healthcare, more data equals more organization forward and the data that is no
healthcare industry. risk, Bryant said. However, healthcare longer needed, Carter said. And, they can
An overwhelming amount of data that organizations are afraid to delete things start to strategically manage data instead
organizations hold on to, however, has no because they dont know the difference of just building more storage space. n
legal, regulatory or business value. In fact, between an MP3 music file and a file with REFERENCE
1. Compliance, Governance and Oversight Council (CGOC).
69 percent of an organizations stored drug treatment protocols. They need to be
Information Governance Benchmark Report in Global
information is redundant, outdated or able to identify the data that is critical to 1000 Companies, October 2011.
trivial, according to the Compliance, patient care.
Governance Oversight Council.1 Information governance technologies Data Loss Prevention
With manually separating critical data can help healthcare organizations practice
Click here for more information.
from useless data a time-consuming and defensible deletion.These tools can also
ultimately fruitless exercise, organizations help to identify unnecessary privileged
must start leveraging technologies that access, recognize who is accessing data
enable them to support better information (and when, where and why they are
governance programs. accessing it), and identify and archive
useless data from primary storage.Most
Veritas Data Insight importantly, such technology can identify
protected health information (PHI) and then
Click here for more information.
safeguard this data by moving it to an

Know, Protect, and Recover: Standing Strong in the Fight Against Ransomware 6
Overview Ransomware People Process Detection Recovery Call to action
& Impact
& Impact

Leveraging technology to recover

While healthcare that will ensure that all data and
applications are replicated not just InfoScale Storage
organizations must Flashsnap functionality
backed up and everything is stored
do everything in
safely at a reliable recovery site. Click here for more information.
their power to These solutions make it possible to
protect themselves recover the data to the time previous to they are likely to fail. There is always a
from ransomware attacks, they the ransomware attack, Carter said. Point- possibility that something has been
also must prepare for the worst. in-time backup ensures that organizations missed. So, testing is critical. n
wont lose many months worth of data.
Many healthcare organizations dont To add an extra layer of security,
have a simplified, automated and healthcare organizations should deploy
predictable disaster recovery strategy. The backup appliances that have security in the
identification of what is truly critical data boxes themselves so they cant be
and the proper way to recover is at times compromised, according to Carter. You
not clear or tested, Carter said.So, they can have a ransomware attack in the
wind up having to pay a ransom and do a organization, but it wont affect backups if
press release about the attack.That breaks you are using one that has embedded
my heart because it sends the wrong security, he added.
message and could prompt more hackers Perhaps most important, organizations
to target healthcare. need to test their backup plans and
Healthcare organizations need an technologies before disasters strike.
enterprise backup and recovery solution It all means nothing if organizations
dont conduct simulations and testing,
NetBackup Converged Platform Carter said. If organizations just put
recovery policies and technologies in
Click here for more information.
place and assume everything is OK,

Know, Protect, and Recover: Standing Strong in the Fight Against Ransomware 7
Overview Ransomware People Process Detection Call to action
& Impact Call to action

A comprehensive defense
Healthcare information governance initiatives and guard against and quickly recover from
organizations are implementing sophisticated, ransomware attacks.Only then will
comprehensive security programs that organizations be able to provide patient
being held
delineate how people, processes and care without unnecessary and disastrous
ransom like technology can be used to steadfastly interruptions. n
never before.
As cybercriminals become more
sophisticated and leverage
advanced tools, more healthcare
organizations are becoming
the victims of increasingly
malicious ransomware attacks.
While some of the initial victims To learn more about how healthcare
succumbed to their attackers demands organizations can better protect valuable
and wound up paying ransoms to regain
access to their computer systems its
patient data in this era of cybercrime, go to
time to fight back.To protect themselves,
healthcare organizations need to reduce
risk by mounting comprehensive

The Data Cure:

Information Management
in the Healthcare Sector
Click here for more information. 2016 Veritas Technologies LLC. All rights reserved. Veritas and the Veritas Logo are trademarks or registered trademarks of
Veritas Technologies or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

Know, Protect, and Recover: Standing Strong in the Fight Against Ransomware 8