Ransomware: Prevention is better than cure

The old saying “Prevention is better than cure” is as true for ransomware as it is for many other of life’s difficulties.

If you install a home protection system after you have been robbed, it won’t bring back your stolen household goods, jewels, and money. It will protect you in the future only. To avoid the difficulties that ransomware can cause for your organization, you need to act now. You need prevention—a protection and recovery plan.

Around the world, healthcare organizations have been warned about potential security breaches. The FBI and Europol have warned about the rise of cyberattacks on healthcare organizations. We see more news of security breaches: A healthcare group is attacked and its systems are down. COVID-19 testing labs are hacked. Genomic data is stolen, and logistics systems are hacked. Those are just a few examples of breaches that spread chaos.

From large to small organizations, we are all vulnerable to attacks and need to minimize the risks involved. With COVID-19, there is pressure on IT to expand infrastructure and to support new applications, access, remote working, and infrastructure changes. Attackers are seeing an opportunity to target healthcare organizations. Bad actors are attacking even our backups, which we usually see as our rescue solution. This all adds a new level of complexity to protecting our data.

To overcome the threats to your data, you need a comprehensive security strategy that starts outside of IT. For example, if you make your users aware of potential threats and how to detect unauthorized access attempts, users can be your first line of defense. Then you need an overall access control and monitoring strategy that adds to your defense.

At the IT level, you need protection from unauthorized network access—whether external or from inside your organization. You must make sure that there are no breaches in applications and operating systems. Access to accounts and data requires effective management. Content filtering should be implemented on web and email content. You need to strengthen security configurations on all devices, including mobile and remote devices. Backups, snapshots, secure data copies, and data replication all need to work dependably. A strategy for business continuity and disaster recovery is essential.

Instead of paying to recover from a cyberattack, set up the right solutions for backup and recovery to protect your organization and help you recover quickly from any attack.

Define a solid strategy. Perform frequent ransomware attack simulations. Make sure that your IT infrastructure and incident response processes are ready to protect your organization.

A checklist of important steps:  Implement robust vulnerability management and patch management.  Manage the use of privileged accounts and configure access controls correctly.  Consider protective filtering to prevent execution of unknown programs.  Implement content filtering to filter out suspicious emails and web content.  Strengthen the security configuration of your devices (including mobile devices).  Plan for quick recovery from any incident: Make sure you have a solid and proven plan B.  Assess the readiness of your IT infrastructure and incident response processes by performing ransomware attack simulations.

NetApp is here to help you achieve the protection level you define. NetApp® Professional Services can assist with data protection and security assessments. NetApp specialists are ready to help you succeed with solutions—including integrations with partnering solutions—to keep your data, your organization, and your patients safe.

For more insights about ransomware, see this ransomware blog post series. And to learn how NetApp Cloud Volumes ONTAP® Implementation Service and NetApp Cloud Insights Implementation Service can help you, check out this ransomware e-book.