Government of Telangana Aarogyasri Health Care Trust CIRUCLAR ‘Cirsular No, AHCTPMU Dopt/2017, Date: 1052017 ‘Sub: AHICT- PMU Dept, ~ Steps tbe taken to prevent Rersomvare Attack on client side computers (Network Hospitals) ~ Reg Its to inform that, forthe last to day, ransomware(Computr Virus) has been stacking ‘many computers all over the world. To prevent such attacks on Aarogyasti IT Applicaton al the nctwork Hospitals sre instructed to take following steps without Best practices fo prevent ransomware attacks: + Install Updated and Genuine Operating System in all dhe Computer(Windows 10) + Maintain updated Ansivirs software on all systems + Check regulay forthe integrity ofthe information stored in the databases + Regula check the contents of backup files of gatabases fr any unauthorized eneyped Regul USES ts or ehinal cleents ack naeous soaps on + Ensure integrity of the codes /scripts being used in database, authentication and sensitive Same + Exablish a Sender Policy Framework (SPF) for your domain, which is an email validation SSIS? o event aan by deastng Sma ailing by" which most of the nsomoare Samples fuceesstuly reaches the corporate end boxes + Keep the operating system third pany applications (MS office, browsers, browser Plugins) USC ASME Betrpatg Pa otentons ua) + Apliration whiting Stick implementation of Sofware Retin Polis (SRP) to ined upg om GAREDAT Aan STEMS pans Rancmare sample ops Sind excoutes generally Hom thes locations. * dito half sped ‘Evice, and Backups otal rita informatio it he mpet af at ose Joss ibe store ffne nia Don ope amen ano a See ers thas Ci steoa ices ERP ES sae + Follow safe practices when browsing the web, Ensure the web browsers are secured enough ‘wiltapprophate content contra: they come from people in your olcted e-mail even i the hak id go to the organization's «Network segmentatiog and segregation into security ones - help protect sensitive information Til Scat estes Sepuraté smite nctwork tom buses posses wih physical ‘Sontrols and Virtual Lofal Arca Networks+ Disable ActiveX content in Microsoft Office applications suchas Word, Excl, ete + Disable remote Desktop Connections employ least-privileged accounts not required consider disabl + Restict users abilities (permissions) to install and run unwamed software applications, + Enable personel firewalls on workstations. Implement strict External Device (USB drive) usage policy. + Employ data-atrest and data-in-traniteneryption + Consider installing Enhanced Mitigation Experience Toolkit, or similar hostlevet anti= explotation tools saree ee + Block the staccato ile pes, spl Bibel ries SFpslemalombataaipheps + Cary out vulnerability Assessment and Penetration Testing (VAPT) and information security auf of epical networkslsystems, apeciliycatabase eevee Roar CERT AN omeaael autos. Repeat audis at reyular increas + Individuals or pganizations are no encouraged o pay the ransom, a this does not guarantee ‘lesa be ese: Report sch Tatancs of Fat GCE sd Goss aguas Seencies ie Bea Com Se To 1. The MDs!CEOs/Medical Superintendents of all the Network Hospitals. 2, The GM (FOSS), AHCT with a request o communicate to all Dttict Coordinators of State of Telangana. Copy to 1. Allthe Hos, AHCT 2. ThePS to CEO, AHCT for favour of information,