The number of ransomware attacks worldwide has climbed 20 percent in the last two months, and 93 percent in the past year, according to a June release from Check Point Research. The cost to businesses this year alone is estimated to be $20 million from ransomware, up 57 times from six years ago.
"And here's the big kicker - 80 percent of those who chose to pay were attacked a second time, with 46 percent believing it was by the same attackers," says Javier Gomez, owner and CEO of Dynamic Quest.
The most vulnerable point in healthcare businesses for malware? "Too many people are working at home right now, and they are not working under the security guidelines that the company uses internally," Gomez says. This is especially true for people using personal computers because they search the web, click on website ads, and have no security filters for emails.
"Cyber-attackers are getting so smart out there," Gomez says. This year, at one company in Birmingham that provides services to Jefferson County, someone hacked the office manager's Microsoft cloud-based email account. Then they emailed the company's financial institution requesting a transfer of $100,000 from the business account to a new account. "And now that money is gone. All from emails," he says.
"There is no way you can completely stop it from happening," Gomez says about malware. "But it's all about knowledge, training and thinking about things before doing them. I recommend three applications to bolster protections at both remote and in-office workstations. And these can be done without breaking the bank."
1. Endpoint antivirus/security application, such as SentinelOne.
Endpoint protection platforms (EPP) monitor for malware, ransomware and links within emails and websites with a signature marked as "bad" by a worldwide database that catalogs cyberattacks and threats. "The endpoint is getting information every hour on what's bad," Gomez says. "We've changed our endpoint protection four times in the last three years, because it's been getting better and better, and you should keep up with that."
Endpoint protection is a much deeper stop-measure than antivirus software. "It costs more than antivirus software because it's looking for bad signatures, bad UFLS (under-frequency load shedding), and bad links all the time instead of on a scheduled time of once or twice a day," Gomez says.
2. Cloud control spam filters, such as Barracuda.
When this cloud email security program sees a link in an email, it automatically puts that email in a sandbox--a controlled cyber area protected from the network--and runs that link. If it's safe, the filter releases it. "That takes milliseconds," Gomez says.
This type of spam filter has been out for about three years. "But it's been enhanced so much in the last couple years," Gomez says, recommending that practices check the very reputable and well-known Magic Quadrant on gartner.com every six months, when Gartner releases its market guide on the best cloud email security.
3. Staff training, such as ThreatAdvice and KnowBe4.
"Any good cybersecurity procedure will include staff training modules," Gomez says. "These modules let the IT tech or the administrator send out bait emails to unknowing employees to test their responses to potential phishing and spam. It tracks their actions in order to build the staff's security awareness. But I'd recommend getting references from someone in your industry before buying this one. You want to know what they changed to make it more effective for your workflow, and IT won't know that.
"These are the three biggies. These three protective subscriptions combined run around $11 per computer per month. So it's not a lot of money, but you get a lot out of it."
For the gold standard of protection, a practice could spend around $500 per month on a perimeter security appliance. Dynamic Quest clients who use them haven't gotten any malware in the last four years at a time when 50 percent of businesses report being hit. "It's an expensive option," Gomez says. "The endpoint antivirus subscription has the same ability, but it's only updated every hour by the vendor. The security appliance gets updated every 60 seconds or less, plus it's learning all the time."
But Gomez stresses that solid security does not have to be that expensive. "For most people, the three things here, plus good IT practices, are what you need to spend," he says. "And it's equally essential to make these applications a part of practice policies for remote computers because you're not only protecting your business at that point, you are also doing everything reasonable to protect your data from the perspective of HITECH and HIPAA compliance. And it is reasonable because of the cost."