How to
Brianna Gammons
Jun 2016

Protecting Hospitals from Ransomware Attacks: 6 Things to Do Now



From a $17,000 ransom payment to hundreds of facilities unable to access patient records, the healthcare industry has taken quite the beating from ransomware this year. Overall, crypto-ransomware attacks rose 5.5x from April 2015 to March 2016, and IT security executives are on high alert.

The good news is there are precautions healthcare providers can take to drastically reduce their risk of falling victim to a ransomware attack. In our new eBook, Ransomware Protection 101, we provide a guide to ransomware for hospitals and healthcare providers. Check it out to see what lessons can be learned from high-profile attacks, including tips for how to react in the event of an attack, and advice for how to avoid being infected by ransomware in the first place.

Here’s a preview of the guide covering six things you can do now to reduce your risk of a ransomware attack.

6 Things You Can Do Now to Mitigate Your Risk of Ransomware

So, what can you do to safeguard your systems and your patients’ information?

  1. Install endpoint security software
  2. Automate patch management
  3. Invest in security awareness training
  4. Develop a backup strategy
  5. Identity & access management
  6. Develop a disaster recovery plan

Keep reading to see why these things are important and resources to help you get them done.

1) Install Endpoint Security Software

Effective security comes in layers, and to stop modern and zero-day attacks that haven’t been seen before, you need to consider additional endpoint security software on top of the antivirus you're likely already using.

The endpoint technology landscape is vast and it can be hard to decide what you need to protect your organization. Antivirus protection is important for protecting against known viruses and malware, but because it relies on signature-matching, it can’t be expected to keep up when hundreds of thousands of new malware variants are created every day.

2) Automate Patch Management

Healthcare providers are much more likely to be running outdated software and using applications with known vulnerabilities than organizations in other industries, according to a report from Duo Security.

To reduce your risk of attack, consider automating your updating process by adding a patch management solution as part of your security stack. If you’re not sure what kind of solution you need, check out our blog post on resources to protect yourself against ransomware.

3) Invest in Security Awareness Training

If you work for a healthcare organization covered under the privacy and security rules, you're required to train all workforce members on privacy and security policies and procedures. You can find a list of security awareness compliance requirements at For an example of what security awareness training looks like, see this course outline from the Department of Health and Human Services.

4) Develop a Backup Strategy

Reevaluate your backup systems to make sure they're ransomware ready by reviewing the following:

  • Your recovery point objective (RPO): How often your backups are created.
  • Your recovery time objective (RTO): The time it takes to get your systems up and running after a backup is restored.
  • Where your backups are stored: Remember, local backups and backups accessible via network shares are at risk of being encrypted, too.

If you have an MSP, they should be able to update you on these points, as well.
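As an added illustration of the three review points above (not code from the original post), this Python script audits a constructed backup inventory against an RPO and RTO target and flags copies that sit on local disks or network shares, since ransomware running on an endpoint can encrypt those alongside the live data. The location labels, sample backup sets and targets are assumptions made for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Assumed location labels. Copies an endpoint can write to are reachable by
# ransomware running on that endpoint, so they do not count as a safe copy.
ENCRYPTABLE_LOCATIONS = {"local_disk", "network_share"}

@dataclass
class BackupSet:
    name: str
    location: str                          # e.g. "network_share", "offline_tape", "offsite_immutable"
    last_backup: datetime                  # when the most recent backup completed
    last_restore_test: Optional[datetime]  # when a full restore was last rehearsed, if ever
    restore_minutes: Optional[int]         # how long that rehearsal took

def review_backups(sets, rpo: timedelta, rto: timedelta, now: datetime):
    """Return (backup name, finding) tuples for every check a backup set fails."""
    findings = []
    for b in sets:
        if now - b.last_backup > rpo:
            findings.append((b.name, "RPO exceeded: last backup is older than the target"))
        if b.location in ENCRYPTABLE_LOCATIONS:
            findings.append((b.name, f"{b.location} copy can be encrypted along with the endpoint"))
        if b.last_restore_test is None:
            findings.append((b.name, "restore never rehearsed, so the real RTO is unknown"))
        elif timedelta(minutes=b.restore_minutes) > rto:
            findings.append((b.name, "RTO exceeded: rehearsed restore took longer than the target"))
    return findings

def has_safe_copy(sets, rpo: timedelta, now: datetime) -> bool:
    """True if at least one set is both within RPO and stored where ransomware cannot reach it."""
    return any(now - b.last_backup <= rpo and b.location not in ENCRYPTABLE_LOCATIONS for b in sets)

# Constructed sample inventory and targets (not real data).
NOW = datetime(2016, 6, 1, 8, 0)
RPO_TARGET = timedelta(hours=24)
RTO_TARGET = timedelta(hours=4)
SAMPLE_SETS = [
    BackupSet("ehr-db-nightly", "network_share", NOW - timedelta(hours=6), NOW - timedelta(days=30), 90),
    BackupSet("ehr-db-offsite", "offsite_immutable", NOW - timedelta(hours=30), None, None),
    BackupSet("imaging-archive", "offline_tape", NOW - timedelta(hours=20), NOW - timedelta(days=90), 300),
]

if __name__ == "__main__":
    for name, finding in review_backups(SAMPLE_SETS, RPO_TARGET, RTO_TARGET, NOW):
        print(f"{name}: {finding}")
    print("safe copy within RPO:", has_safe_copy(SAMPLE_SETS, RPO_TARGET, NOW))
```

On the sample data the only copy that counts as safe is the offline tape, which shows why "is there a recent backup" and "is there a recent backup ransomware cannot reach" are different questions.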

Note: The next two points are especially important for healthcare organizations in order to help comply with HIPAA security standards.


5) Invest in Identity & Access Management

Another key protection is practicing the principle of least privilege — ensuring that user access and privileges are limited to the bare minimum they absolutely need. Identity and access management solutions can help with that by enabling you to manage permissions and see what users are accessing at all times.

Where this can get difficult is if you have fixed computer terminals in your waiting, examination, or operating rooms. People may not always sign out. This practice leaves you vulnerable. If you were to suffer a ransomware or other type of malware-based attack, it’s important to know who was accessing the data in order to see the potential reach of the problem.

Even if you don’t work for a healthcare provider, it's still important to manage permissions on your users' accounts and make sure they log out of their computers when they aren’t using them.

6) Develop a Disaster Recovery Plan

You may already have a disaster recovery plan in place to comply with HIPAA Regulations, but does it include how to respond when there’s a ransomware attack?

As a healthcare provider, you need to be prepared to deal with any potential disruption to patient treatment and services as quickly and effectively as possible. That means having a detailed and actively rehearsed plan in place.

Although organizations not covered by HIPAA aren’t mandated to have a disaster recovery plan, as an IT professional you should still be thinking about how you would react to a ransomware attack.

For more tips like these, check out Ransomware Protection 101. Stop worrying and start preparing for ransomware.

Brianna Gammons


Brianna is helping us grow an active community of security beginners and experts alike. She is exploring topics like security in healthcare and how to keep companies safe from ransomware.

