Ohio Hospital Disrupted by Ransomware Attack

Ransomware, Security, Security Threats, Training, , ,
25
Dec 2018

Hospitals deliver a crucial service where productivity is key and any downtime can be disastrous. So, what happens when they’re struck by ransomware?

Healthcare providers are no strangers to ransomware as last year’s WannaCry attack demonstrated, so it would be safe to assume that hospitals are more vigilant than ever. And they are, but human error will always remain a factor and accidents can happen. A case in point is the East Ohio Regional Hospital (EORH) and the associated Ohio Valley Medical Center (OVMC) who have both suffered ransomware disasters in recent weeks.

While your organization may not be based in the healthcare section, hackers tend not to discriminate against their victims too closely and you could easily be next. Therefore, we’re going to take a look at what happened with EORH and the lessons that can be learned.

Emergency Room Chaos

The exact details behind the EORH ransomware attack have not been revealed as of yet, but a hospital spokesman has confirmed that their first line of security was considered redundant. This could indicate unpatched software or even poor staff training as the root cause of the attack, but this is purely speculation. Thankfully, the second line of defense employed by the hospital managed to stop the attack in its tracks and no data was breached, so there was no need to pay any ransom.

However, the impact of this ransomware attack led to a massive drop in productivity for the EORH. Computer networks had to be put into an immediate state of shutdown in order to protect any vulnerable data and, in many cases, staff had to move to charting patient data on paper. With split seconds being of significant importance in healthcare, this attack represented a major bump in the road for the EORH. Neither the EORH or OVMC were able to accept ER patients from emergency responders and these patients had to be redirected to other hospitals.

Combating Ransomware

The EORH were exceptionally lucky that their data remained safe and secure following the ransomware attack, but the downtime they experienced was a major disaster. And this is why all organizations need to be vigilant against such attacks. Downtime is never an option for an organization that wants to serve its clients, so make sure you follow these best practices:

  • Complete Regular Backups – No business can claim to be 100% immune from ransomware, but all businesses can regularly backup their data. And, if data is encrypted by ransomware, you then have the option to implement this backup and restore operations.
  • Multi-layered Security is Vital – As the EORH found, multiple layers of security prevented their ransomware burrowing too deep within their network and patient data was safely protected.
  • Educate Your Staff – The importance of educating your staff on the dangers of ransomware can never be underestimated. Humans are prone to error and, as one of your first lines of defense, they need to be educated on the threats they may encounter.
  • Limit Network Privileges – A simple method for limiting the spread of ransomware throughout your network is by limiting network privileges and access purely to those who need it. With every user having deep access into your network, there’s an increased risk of one data breach infecting the entire network.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Security Trends to Look Out For in 2019

Cyber Attack, Encryption, Hacking, Internet of things, Ransomware, Security, Security Threats, , , , , , ,
04
Dec 2018

2018 has been a year where malware, ransomware and data breaches have barely been out of the headlines, but what’s in store for cyber-security in 2019?

As long as there’s a digital landscape, hackers will continue to launch an array of attacks that take in numerous different techniques. And, most importantly, they will continue to evolve their methods to avoid detection and cause more damage to networks and the PCs on them. With this in mind, it’s perhaps the best time to take a look at the security trends which will be most important for your organizations defenses next year.

To help you get prepared for next year, we’re going take a look at some of the major security trends to look out for in 2019.

Backups will continue to be Crucial

With ransomware still remaining a prevalent and major threat to secure and essential data, backing up your data regularly and rigorously will be a vital task for all organizations. Backups may seem a costly affair in terms of budget and time, but it only takes one employee to fall victim to a ransomware scam for your entire network’s data to be compromised. And with new ransomware scams such as Zenis deleting backups, it’s essential that offsite and non-network backups are also held.

Coinminer Malware Remains a Threat

Cryptocurrency is still a lucrative business and mining for cryptocurrency continues to generate large amounts of cash. However, whilst this is perfectly legal and above board, the use of coinminer malware is far from legal or ethical. Due to the amount of processing power involved in mining for cryptocurrency, hackers are using malware to enslave PCs remotely and using their processor power to mine for cryptocurrencies. This form of malware has become harder to detect and more sophisticated throughout 2018, so expect it to evolve further in 2019.

The Hacking of IoT Devices will Increase

Close to 27 billion IoT devices will be connected in 2019 – an increase of nearly 3 billion compared to 2018 – so you can bet your bottom dollar that the number of attacks in this arena will increase accordingly. Unfortunately, many owners of IoT devices are still neglecting to change the default password to access these devices and this is giving hackers free rein to take control of them. Not only does the default password debacle remain an issue, but hackers are now designing malware to take advantage of vulnerabilities in IoT devices.

Security Training

Due to the threats already presented, security training will become paramount in 2019. As hackers evolve their methods of attack at a rapid pace, keeping your organization’s staff aware of these threats is one of the best forms of defense you can employ. Awareness training hammers home the basics of good security practices and you’ll find that these can also be used to combat the new threats which will no doubt go head to head with your security defenses.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

How to Plan for Better Disaster Recovery in IT

Backup and Recovery, Best Practices, Cloud Backup, Disaster Recovery, IT Best Practices, , ,
28
Aug 2018

Due to our reliance on data technology, good disaster recovery processes have never been more vital. However, how do you plan for better disaster recovery?

It may be a challenge, but you don’t need to feel apprehensive when trying to tackle this complex problem. And when it comes to disaster recovery, planning is the most important factor. If your IT systems fail then you need to start your recovery process as soon as possible and ensure it’s as effective as it can be. The sooner you can restore normal operations, the less your productivity is affected.

So, if you want to make sure your disaster recovery procedures are finely tuned, make sure you incorporate the following tips. They could be the difference between no IT infrastructure and one that can keep your organization functioning.

Have a Plan

The first step towards having a better disaster recovery plan is to have a plan. Unfortunately, many organizations find themselves too busy to worry about potential disasters and, instead, concentrate purely on the present. While this may help you with your immediate business objectives, it’s not going to help you in the case of an emergency. Therefore, starting work on a disaster recovery plan needs to be sooner rather than later.

Cost isn’t Everything

It’s understandable that budgets are essential when it comes to good business, but disaster recovery plans for IT infrastructure are a little different. Without a fully functioning IT service, it’s unlikely your organization is going to be able to trade at its full potential, if at all. And this is why you need to be careful when looking at the technology and services required for your data recovery. Naturally, you shouldn’t spend an exorbitant amount of money that could cripple your margins, but you also need a data recovery plan which can recover your IT infrastructure quickly and effectively.

Understand Your Recovery Objectives

Key to a good recovery process is understanding what data is crucial and how soon it’s required in the case of a data outage/loss. Objectives, of course, need to be achievable, so don’t burden yourself with unattainable goals such as ‘every worker to have access to emails within 10 minutes of a data disaster’. The best way to test your objectives and measure how attainable they are is through regular testing. This should prepare you for any future scenarios and guarantee that you know how to manage their impact.

Update Your Recovery Plan

If you’re lucky, your organization will manage to operate for a long time without experiencing any data disasters. However, this can lead to a dangerous sense of inertia creeping into your recovery processes. And, as we all know, technology moves at a rapid pace. Software and hardware can be replaced on a yearly basis and these new developments may not chime harmoniously with your existing recovery plan. Accordingly, your disaster recovery plan needs to be regularly reviewed to ensure that it’s current and matches your existing IT landscape.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

5 Best IT Practices for Small Businesses

Backup, IT Best Practices, Power Protections, Security, Technical Support, Updates, , , , , ,
09
Jul 2018

It’s important for small businesses to make the most of their IT capabilities, so understanding what the best IT practices are is paramount.

If you can implement the right IT practices in your organization then you’re clearly a smart thinker as it can only lead to increased productivity. However, for a small business this isn’t always the easiest strategy to formulate. The cost of investment can often restrict your use of brand new technology, so you need to be a little bit smarter. And the good news is that costs can be kept to a minimum.

To help you get started on getting the best out of your IT, I’ve put together a list of five best IT practices for small businesses.

  1. Backing up the Right Data

Backing up data can be an expensive process. Not only is physical storage costly, but cloud storage can soon start totting the dollars up. However, this is all dependent on the amount of data you want to back up. Therefore, if you can reduce the amount of storage you need to backup, you can reduce your storage costs. The best way to achieve this objective is by thoroughly researching how your data is used and determining exactly what you need to backup.

  1. Staff Security Knowledge

Cyber security should be a major concern for all businesses, but for a small business it’s crucial. With a wide range of new cyber-attacks such as ransomware and phishing emerging every day, the risk of your business operations being disrupted is high. Whilst firewalls and carefully secured, partitioned servers can make a huge difference, it’s even more useful for your employees to understand good security practices. All it takes is one malicious email to be clicked on to bring your organization to a halt, so ensure that regular refresher courses on security threats are conducted for your employees.

  1. Install all Updates

Keeping on the security theme, it’s essential that all updates for your software and hardware are installed as soon as possible. Once your IT equipment becomes even slightly out of date then it’s at risk of becoming vulnerable to hackers. However, if all the latest updates and firmware upgrades are installed, then you’re improving the defenses of your data no end.

  1. Good Power Protection

Your PC technology is important, so you need to ensure that it’s protected from the damaging effects of power outages and surges. Not only can these events reduce the lifespan of your technology, but they’re also capable of wiping data if they happen in the middle of a backup. To counter this risk, it’s vital that backup hardware comes with adequate battery support to keep backups running. Likewise, ensuring that your servers have reserve power supplies which are uninterruptible can help keep your data accessible and safe at all times.

  1. Provide Good Technical Support

Your business needs professional IT support, there simply isn’t any other option if you’re working with PCs. And when I say professional, I mean professionally trained and not a hobbyist who likes to tinker with their PC every now and then. Knowledge, after all, equals authority and when you’re working with complicated technology, you need as much authority as possible. Maybe this will be outsourced or maybe you’ll build an in-house team, either way it should be a priority for your organization.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

How to Choose the Right Cloud Storage Provider

Cloud, Cloud Backup, Data Volume, Security, Speed, Uptime, , , , ,
19
Jun 2018

Storing files in the cloud is becoming increasingly popular for businesses, but how do you choose the right cloud storage provider when there are so many?

There are a wide range of factors to consider when choosing a cloud storage provider, so it’s no surprise that settling on one is difficult. All providers will offer different options and plans, but the good news is that there are set basics which will apply to your business. The first step is making sure you can find a provider who can satisfy your basic needs..

To help you get started, we’re going to look at what these foundations of cloud storage are and how they apply to your organization.

Data Volume

The amount of data that your organization processes is important when it comes to choosing a cloud storage provider. After all, different providers are going to have different capabilities when it comes to storing data. The basic plan available through Dropbox, for example, is 2GB and while that may be fine for an individual running their own business, an organization with 250 employees is going to need a little more. Obviously, numerous pricing plans are available for different providers depending on your storage needs, so it makes sense to calculate your storage needs (and future needs) and compare prices.

Uptime

Cloud servers are not infallible and they can fail just as easily as your own servers can. However, certain service providers’ networks fail more than others. And this can present a serious problem for your operations if your data is unavailable when you need it most. Therefore, you should always ask cloud storage providers to demonstrate their contingency plans in the case of server failure and, more importantly, statistics which show the reliability of their servers in terms of uptime.

Speed

Download speeds are one of the most essential elements of cloud storage for you to consider. The speed at which you can download your data can have a significant impact on your ability to do business. Say, for example, you’ve suffered a data disaster and need your data restored as soon as possible, if your cloud storage provider has a cap on their download speed then it’s going to take longer to get back up and running. That’s why you need to make sure you understand the download speeds that are available from your cloud storage provider.

Security

If your data becomes compromised then cloud storage provides a useful backup. However, there’s no guarantee that your cloud storage provider is safe from security breaches. And, if they are compromised, then the safety net of their backup is suddenly removed. This leaves you in a precarious situation whereby the safety of your data is significantly reduced. Therefore, understanding your cloud storage provider’s security measures are paramount. The main factors to consider are the provider’s physical security of their servers and the level of encryption they apply to stored data.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 2 3 4 5 6 7