Look at this insight into the WannaCry ransomware attack impacting healthcare worldwide.

When a virus knocks out your health IT system, you lose more than just your patients’ ePHI. You lose the ability to serve patients safely, running the risk of more than just the loss of privacy.

Background: Over the weekend of May 12, a large-scale ransomware attack fanned out across much of Europe and Asia. The situation escalated quickly, and without access to medical records, patients were turned away from clinician practices, clinics, and hospitals. As the hack unfurled, federal reports indicated that the U.S. had also been impacted by the “WannaCrypt” ransomware infiltration, which demanded payment in bitcoin to decrypt the data.

“HHS is aware of a significant cybersecurity issue in the UK and other international locations affecting hospitals and healthcare information systems,” said Laura Wolf, chief of the critical infrastructure protection branch, HHS Office of the Assistant Secretary for Preparedness and Response (ASPR). “We are also aware that there is evidence of this attack occurring inside the United States.”

Definition: Data-for-ransom is the latest fad in the hacking world. Ransomware hackers breach servers, networks, and systems — encrypting files containing documents and ePHI, then demand a ransom in exchange for the remedy needed to decrypt the files. And this type of malware (short for malicious software) causes mayhem, particularly for healthcare workers, who need precise data to safely care for patients.

“Ransomware is a virtual stick-up,” explains Providence-based attorney Steven Richard, Esq., with Nixon Peabody LLP. “Hackers essentially try to find the weakest links in your system to be able to take your data, hold it hostage, and make you pay a ransom to be able to obtain and use it in the future.”

“Unsuspecting workers will click on a link or an email and consequently infect your system with encryption that prevents access,” Richard says.
“Hackers typically target the most data-dependent businesses, such as healthcare or governmental functions, where the data has the most value and the ransom can be the most threatening.”

What is “WannaCrypt” Ransomware?

The malware named “WannaCrypt” — nicknamed “WannaCry” or “WyCry” in the media — impacts Microsoft products, specifically Windows XP, and accesses data from an earlier attack on the U.S. National Security Agency (NSA), a May 14, 2017 news release from Microsoft suggests. A patch was distributed back in March to combat the earlier hack, but many users didn’t properly update their systems.

“Microsoft had released a security update to patch this vulnerability and protect our customers. While this protected newer Windows systems and computers that had enabled Windows Update to apply this latest update, many computers remained unpatched globally,” said Brad Smith, Esq., Microsoft President and chief legal officer in a blog post. “As a result, hospitals, businesses, governments, and computers at homes were affected.”

Read the Microsoft blog post on the WannaCrypt ransomware attack at: https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/#sm.0001840zub15lff15yx2vjmnzvtts.

Federal advice: “We are working with our partners across government and in the private sector to develop a better understanding of the threat and to provide additional information on measures to protect your systems,” Wolf indicated in her statement. “We advise that you continue to exercise cybersecurity best practices — particularly with respect to email.”

Block and disable: In addition to the guidance from HHS-ASPR, the U.S. Computer Emergency Readiness Team (U.S.-CERT) updated its website with links to the various Microsoft patches as well as offering insight on how to block and disable Server Message Block (SMB).
Protect Your Practice HIT from Invasion

When you set up boundaries against cyber attack, you do the triple duty of defending your patients, complying with the HIPAA Security Rule, and protecting your hard-earned cash.

Wake-up call: The WannaCrypt ransomware attack was aimed at folks who hadn’t updated their software, and not keeping up with the latest software patch ended up being a liability.

“Healthcare has traditionally been less sophisticated when it comes to information security … [but] now is the time to get serious about protecting systems, because lives and institutions are at stake,” warns HIPAA expert Jim Sheldon-Dean, founder and director of compliance services at Lewis Creek Systems LLC in Charlotte, VT.

Consider this: The first step in healthcare security is following trends and engaging certified IT staff who know how to keep your practice in the tech loop. Here are a few pointers that will discourage a ransomware takeover of your servers:

Reminder: “Healthcare institutions are in a tough space,” says Larry Whiteside, Jr., Vice President of Healthcare and Infrastructure for Optiv, a Denver-based cybersecurity solutions firm. “They have low margins and have to figure out how to spend their money wisely. Security has for decades been their last choice of spend.”

But as the stakes continue to rise as more and more in the healthcare industry come under the gun of cyber criminals, the time to implement defense measures is now.

Resources: To read the U.S.-CERT advice, visit https://www.us-cert.gov/ncas/current-activity/2017/01/16/SMB-Security-Best-Practices. For a closer look at the HHS Office of the Assistant Secretary for Preparedness and Response cyber threat update, visit https://asprtracie.hhs.gov/documents/newsfiles/NEWS_05_13_2017_08_17_11.pdf.