Data Breach at Norton Healthcare After Ransomware Attack 

ALPHV, Data Backup, Data Breach, Employee Training, Norton Healthcare, partition hard drives, Ransomware, , , , , ,
30
Jan 2024

Healthcare data is some of the most sensitive and confidential data to exist in IT systems, so the ransomware attack at Norton Healthcare is a big deal. 

Based in Kentucky, Norton Healthcare is a provider who delivers health services to adults and children in over 40 clinics. Their objective, as with all healthcare providers, is to improve the lives of their patients. However, a recent data breach has done little to inspire a sense of wellness in their patients. The breach, which occurred in May this year but is only just being reported, was part of a ransomware attack. Norton Healthcare’s network was breached for two days, but there appeared to be no evidence that their medical record system had been accessed. 

Nonetheless, healthcare data should always be secure, and breaches in local networks represent a major cause for concern. 

The Norton Healthcare Attack 

The exact nature of the attack has, at present, not been released. But we do know what the impact of the breach was. After discovering that an attack was taking place, Norton was forced into turning its network off, the last thing a healthcare provider wants to do. As the attack was unfolding, Norton received, in a novel twist, a faxed ransom note featuring threats and demands. Later that month, a ransomware group known as ALPHV claimed responsibility for the attack. 

ALPHV released a statement to the dark web which claimed that they had managed to compromise 4.7TB worth of data from Norton Healthcare’s servers. As proof, ALPHV uploaded numerous files – containing patients’ bank statements and Social Security numbers – to backup their claims. Norton’s official line is that only some network storage devices were breached, and these only contained identifying information rather than any medical data. 

How Can Healthcare Providers Protect Themselves?

With more and more healthcare providers coming under attack from threat actors, it’s important that they understand how to minimize their risk. In fact, these lessons are valuable for any business running an IT network, so it’s time to find out how. So, to stay safe from ransomware attacks, make sure you follow this best guidance: 

  • Regular backups: it’s vital that you perform regular backups of your data to ensure, if it becomes encrypted by ransomware, you still have access to it. Ideally, these backups should be completed daily at the very least, and they should always be saved to secure locations. It’s important to keep copies of your backups offline as well, this will allow you to access your data even if you need to take your network down. 
     
  • Partition your hard drives: to minimize the impact of a breach, it’s a good idea to partition you hard drives and data storage. By separating these from your main network, and from each other, you’re limiting the files and data that malware can access. This minimizes the risk of data loss and allows you to keep important systems online. 
     
  • Employee training: educating your staff about the dangers of social engineering and phishing emails is one of the most important steps you can take. Ransomware, such as the strain encountered by Norton Healthcare, is often spread through emails and your employees need to be able to identify these threats before clicking on them. 

For more ways to secure and optimize your business technology, contact your local IT professionals. 

Read More

Use the 3-2-1 Backup Method to Protect Your Data

Backup, Backup and Recovery, Backup Strategies, Data Backup, Data Storage, Ophtek, , , , ,
28
Jan 2020

Hardware can easily become compromised, stolen or damaged. And this can leave you without crucial data. But the 3-2-1 backup method is here to help.

Data disasters are most often caused by hardware failure, human error or cyber-attacks. Regardless of the cause, your organization needs a good backup strategy in place. You need to be able to retrieve your data in the event of an emergency. Without a backup strategy you will struggle to recover and this will have a major impact on your productivity. And that’s why the 3-2-1 backup method has proved to be so popular with businesses.

Data protection has never been more important that today, so we’re going to take a look at how the 3-2-1 backup method can protect your data.

What is the 3-2-1 Backup Method?

The principle behind the 3-2-1 backup method lies in its name:

Let’s take a closer look at each part of the method to help you understand the thinking behind it:

  • Keeping at Least 3 Copies of Your Data: To keep just one backup copy of your data is careless. Say, for example, your data is compromised by ransomware. An option would be to retrieve your backup data from an external hard drive. But what if you discover this device has been damaged in some way? You need an alternative solution. And this could be accessing a USB drive or connecting to a cloud storage solution. The minimum number of copies you should keep is three, but there’s no maximum. You can keep three, five or fifty. 
  • Keeping 2 of these Copies on Local Devices: Onsite backups are essential for keeping your productivity in place. Data disasters are unpredictable and can have an instant impact. Therefore, you need to make sure that you have your backup data close to hand. This approach will allow you to quickly implement any compromised data and establish normal working practices. Again, it’s important to have more than one local backup available to safeguard against any technical issues. 
  • Keeping at Least 1 Copy Offsite: If you want to reap the benefits of a complete backup strategy you need to keep one copy offsite. Advances in cloud computing mean that it’s easier than ever to store data offsite. And this can pay dividends in the case of a local disaster. If, for example, you are hit by a hurricane or a flood, all your local backups could be damaged. It doesn’t matter if you’ve got three or three hundred. But if you keep at least one copy in the cloud you are ensuring comprehensive data protection is in place. 

Final Thoughts 

A good backup strategy is vital in protecting your data in the event of a data disaster. And it pays to be comprehensive in the manner in which you protect your data. The 3-2-1 backup method is the perfect way in which to achieve this.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

5 Best IT Practices for Small Businesses

Backup, IT Best Practices, Power Protections, Security, Technical Support, Updates, , , , , ,
09
Jul 2018

It’s important for small businesses to make the most of their IT capabilities, so understanding what the best IT practices are is paramount.

If you can implement the right IT practices in your organization then you’re clearly a smart thinker as it can only lead to increased productivity. However, for a small business this isn’t always the easiest strategy to formulate. The cost of investment can often restrict your use of brand new technology, so you need to be a little bit smarter. And the good news is that costs can be kept to a minimum.

To help you get started on getting the best out of your IT, I’ve put together a list of five best IT practices for small businesses.

  1. Backing up the Right Data

Backing up data can be an expensive process. Not only is physical storage costly, but cloud storage can soon start totting the dollars up. However, this is all dependent on the amount of data you want to back up. Therefore, if you can reduce the amount of storage you need to backup, you can reduce your storage costs. The best way to achieve this objective is by thoroughly researching how your data is used and determining exactly what you need to backup.

  1. Staff Security Knowledge

Cyber security should be a major concern for all businesses, but for a small business it’s crucial. With a wide range of new cyber-attacks such as ransomware and phishing emerging every day, the risk of your business operations being disrupted is high. Whilst firewalls and carefully secured, partitioned servers can make a huge difference, it’s even more useful for your employees to understand good security practices. All it takes is one malicious email to be clicked on to bring your organization to a halt, so ensure that regular refresher courses on security threats are conducted for your employees.

  1. Install all Updates

Keeping on the security theme, it’s essential that all updates for your software and hardware are installed as soon as possible. Once your IT equipment becomes even slightly out of date then it’s at risk of becoming vulnerable to hackers. However, if all the latest updates and firmware upgrades are installed, then you’re improving the defenses of your data no end.

  1. Good Power Protection

Your PC technology is important, so you need to ensure that it’s protected from the damaging effects of power outages and surges. Not only can these events reduce the lifespan of your technology, but they’re also capable of wiping data if they happen in the middle of a backup. To counter this risk, it’s vital that backup hardware comes with adequate battery support to keep backups running. Likewise, ensuring that your servers have reserve power supplies which are uninterruptible can help keep your data accessible and safe at all times.

  1. Provide Good Technical Support

Your business needs professional IT support, there simply isn’t any other option if you’re working with PCs. And when I say professional, I mean professionally trained and not a hobbyist who likes to tinker with their PC every now and then. Knowledge, after all, equals authority and when you’re working with complicated technology, you need as much authority as possible. Maybe this will be outsourced or maybe you’ll build an in-house team, either way it should be a priority for your organization.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

How to Enhance Your Backup Process

Backup, Cloud, Cloud Backup, Data Backup, ,
29
May 2018

Backing up data is crucial for any organization, but it’s even more important that a good backup is performed or it may not be worth backing up at all.

Wasting time and resources on the wrong type of data or failing to backup data effectively can spell disaster for your restore options, so it’s essential you maximize the efficiency of your backup process. Understanding how you can improve and enhance your backup process, though, is a major struggle that many organizations face.

Therefore, we’ve put together a few pointers on how you can begin to reorganize your backup process and ensure that the data you need is available when you need it.

Keep Three Copies of Your Backup

The more sure-fire way to protect the availability of your data is by making multiple copies. The minimum you need is three, but what’s most important are the locations these backups are stored in. Naturally, you will want one copy based on site, but to minimize a loss of data you will also want two copies that are based off site. By storing these in, for example, a cloud based server or a remote data center, your organization can rest assured that a successful restore is almost guaranteed in almost all data loss scenarios.

Monitor Your Backups

As data gets bigger and bigger, the complexities behind backups increase accordingly. And this is why monitoring and analyzing your backups is more important than ever. To better understand how your system is coping then you will need to implement systems which can automatically survey servers and monitor how effective your backup process is and list any failures. Performing this kind of analysis manually is incredibly labor intensive and involves a lot of spreadsheets, so investing in specialized, automated software is vital to safeguard future backups.

Cloud Backup is Crucial

Cloud servers provide a highly elastic option for all your backup and restore needs, so there’s no excuse for not integrating them into your backup process. Not only can cloud servers help to counter the rapid increase in data size, but, as a remote system, they deliver fantastic protection from ransomware and other data disasters. Data can be transferred/accessed from cloud servers exceptionally quickly compared to traditional wide-area networks, so a cloud server can get your organization back on track quicker than ever before.

Protect Everything

While Windows is the primary target of most data attacks, it’s impossible to say that other services – such as the virtual application host Citrix – will not become the focus of attacks in the near future. Protecting all your servers and applications, therefore, allows you to keep your defenses fully manned and minimizes the amount of data loss that could occur. It’s important, however, that you don’t complicate your backup process with numerous pieces of software to help backup individual components. Instead, look for an all-in-one solution that can automate all the various backups and keep all your data safe.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More