In early July of 2016, Colorado healthcare facility Allergy, Asthma & Immunology of the Rockies, P.C. (AAIR), was hit by a ransomware attack by an undisclosed strain. The infection appears to have affected systems that contain the valuable electronic protected health information (ePHI) of around 7,000 patients, and includes patients’ names, Social Security numbers, and medical information.

The attack was discovered when reports of employees’ difficulty to access files and documents led to the shutdown of servers, and evidence of ransomware on computer systems then surfaced. After a third-party cybersecurity partner looked into the attack, it they found that the hackers were still testing out the ransomware and had not had a chance to mine or use any of the company data as of yet. But, the breach in AAIR’s system is still troubling to say the least. AAIR is providing a year-long identity protection program for its clients due to the attack, and patients are being urged to check their financial statements regularly for unusual activity.

Local police along with FBI personnel have tracked the attack to Russia through IP addresses of the hackers. No one is quite clear on how the ransomware found its way onto the computer systems yet, but an AAIR representative stated that the attack was able to “pass through a password protected firewall.” This could have occurred when an employee visited a malicious website.

A U.S. government interagency report indicates that there has been a 300 percent increase in the daily ransomware attacks in 2016 compared to 2015. Healthcare organizations are especially vulnerable to attacks due to the large amount of information that can be profitable to hackers. In the past, the government has warned healthcare organizations to increase the security of their systems because it has been weak compared to other industries. In order to minimize attacks on healthcare providers today, integrated and preventative measures must be taken on company computer systems.

Data breaches like the AAIR attack are becoming increasingly common in our society, and maintaining secure systems is now at the forefront of smart business practices. Companies of every industry must deploy cutting-edge security technologies, if they don’t want to risk valuable company and customer information being leaked by hackers.

The security of our customers’ information is of the utmost importance to OSNEXUS. That’s why QuantaStor SDS now includes end-to-end security coverage, which enables multi-layer data protection on-the-wire and at-rest for enterprise and cloud storage deployments.

QuantaStor SDS also has snapshot technology that can be especially important in preventing ransomware attacks. By taking snapshots of data from specific points-in-time and saving them, it provides quick access and recovery of data in the event of data loss or attack. Data can be recovered in minutes, with no trace of a ransomware attack left.

Combining protocol-level encryption with SMB, IPsec and HTTPS across any storage grid, hardware and software disk drive encryption with Intel AES-NI technology and advanced user security featuring role-based access controls, QuantaStor SDS End-to-End Security is ideal for industry applications ranging from energy, healthcare, financial services and education to government.

 
To learn more, visit osnexus.com/encryption-and-security.

Categories: Cybersecurity, Security

Tags: #ransomware