Trusiak Law - Buffalo Attorney, HERO act, HIPAA Law


SuperUser Account
/ Categories: General

Preventing Ransomware Attacks

Ransomware is a type of malicious software designed to block access to computer data and systems until a sum of money is paid. There is no one technology solution that can be deployed to prevent ransomware attacks from occurring, although preventive measures can be taken to limit vulnerability.

The United States Government Interagency Guidance Document, "How to Protect Your Networks from Ransomware," includes the following recommendations:

  • Implement an awareness and training program. Because end users are targets, employees and individuals should be aware of the threat of ransomware and how it is delivered.
  • Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound email using technologies to prevent email spoofing.
  • Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.
  • Configure firewalls to block access to known malicious IP addresses.
  • Patch operating systems, software, and firmware on devices.
  • Set anti-virus and anti-malware programs to conduct regular scans automatically.
  • Manage the use of privileged accounts based on the principle of least privilege: no users should be assigned administrative access unless absolutely needed; and those with a need for administrator accounts should only use them when necessary.
  • Configure access controls with least privilege in mind.
  • Disable macro scripts in Office files transmitted via email.
  • Implement Software Restriction Policies (SRP) or other controls to prevent programs from executing from common ransomware locations.
  • Consider disabling Remote Desktop Protocol (RDP) if it is not being used.
  • Use application whitelisting, which only allows systems to execute programs known and permitted by security policy.
  • Execute operating system environments or specific programs in a virtualized environment.
  • Categorize data based on organizational value and implement physical and logical separation of networks and data for different organizational units.
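
As an added defensive example (not part of the original post or of the interagency guidance), the following read-only PowerShell audit reports whether three of the listed controls are in effect on a Windows host: RDP disabled, Office macros blocked for files from the Internet, and an AppLocker application-whitelisting policy present. It assumes an Office 2016/Microsoft 365 policy path (16.0) and the AppLocker module being available; the function names and the particular registry checks are the editor's choices, not the guidance's.

```powershell
# Added audit script (not from the original post or the interagency guidance).
# Read-only: it changes nothing. Run in an elevated PowerShell session.
# Assumptions: Office 2016/Microsoft 365 policy path (16.0) and the AppLocker
# module being available on this edition of Windows.

function Test-RdpDisabled {
    # fDenyTSConnections = 1 means the host refuses Remote Desktop connections.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $item = Get-ItemProperty -Path $key -Name fDenyTSConnections -ErrorAction SilentlyContinue
    return ($null -ne $item -and $item.fDenyTSConnections -eq 1)
}

function Test-MacrosBlockedFromInternet {
    # The Office policy "Block macros from running in Office files from the Internet"
    # is stored per application under the user's Policies hive (value 1 = enabled).
    $apps = 'Word', 'Excel', 'PowerPoint'
    foreach ($app in $apps) {
        $key = "HKCU:\Software\Policies\Microsoft\Office\16.0\$app\Security"
        $item = Get-ItemProperty -Path $key -Name blockcontentexecutionfrominternet -ErrorAction SilentlyContinue
        if ($null -eq $item -or $item.blockcontentexecutionfrominternet -ne 1) { return $false }
    }
    return $true
}

function Test-AppLockerRulesPresent {
    # An effective AppLocker policy containing at least one rule indicates that
    # application whitelisting is configured on this host.
    try {
        [xml]$policy = Get-AppLockerPolicy -Effective -Xml
    } catch {
        return $false   # AppLocker cmdlets unavailable on this edition
    }
    $ruleCount = 0
    foreach ($collection in $policy.AppLockerPolicy.RuleCollection) {
        $ruleCount += $collection.ChildNodes.Count
    }
    return ($ruleCount -gt 0)
}

$results = [ordered]@{
    'RDP disabled (fDenyTSConnections=1)'    = Test-RdpDisabled
    'Office macros blocked from the Internet' = Test-MacrosBlockedFromInternet
    'AppLocker rules in effect'               = Test-AppLockerRulesPresent
}
foreach ($check in $results.Keys) {
    $status = if ($results[$check]) { 'PASS' } else { 'REVIEW' }
    Write-Output ("{0,-6} {1}" -f $status, $check)
}
```

A "REVIEW" line means the setting was not found in the expected place, not necessarily that the control is absent; confirm against the host's actual Group Policy before acting on it.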
