{"id":2332,"date":"2023-09-01T02:14:28","date_gmt":"2023-09-01T02:14:28","guid":{"rendered":"https:\/\/kleetos.com\/?p=2332"},"modified":"2025-05-20T15:20:02","modified_gmt":"2025-05-20T15:20:02","slug":"how-to-avoid-a-ransomware-attack","status":"publish","type":"post","link":"https:\/\/brightsquid.com\/us\/how-to-avoid-a-ransomware-attack\/","title":{"rendered":"How to Avoid a Ransomware Attack"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Ransomware attacks happen when malware infiltrates your computer systems and locks your access to files by encrypting them. Once your files are encrypted, the attacker responsible for sending the ransomware out into the world demands a ransom be paid before releasing your data.\u00a0In healthcare, a ransomware attack constitutes a privacy breach.<\/strong>\u00a0Several clinics in Calgary have already fallen victim to ransomware. Even though some paid the ransom, \u00a0their files were destroyed by the encryption process the attackers used. The good news is, you can prevent ransomware attacks.<\/p>

It\u2019s big business. Attacks are increasingly prevalent, growing by 35% year over year.\u00a0The FBI says<\/a>\u00a0ransomware attacks in the U.S. cost $209-million in the first three months of 2016; and that\u2019s just\u00a0reported<\/i>\u00a0attacks. After the University of Calgary paid a ransom of $20,000 in June of 2016 to reclaim control of 9,000 ransomed email accounts,\u00a0Calgary police reported<\/a>\u00a0thatransomware attackers around the world are earning $100,000 to $200,000 per day<\/strong>.<\/p>

Ransomware enters your system in a number of different ways, usually as an attachment or an accidentally downloaded file. Email is one common entry point, as are pop-ups on the Internet that encourage or force a click that triggers the infiltration. These malicious files can sit dormant on your system for months or even years, making their origin very difficult to track.<\/p>

Step one in prevention is educating staff.<\/h3>

No one should ever open links, attachments or suspicious links in emails from someone they don\u2019t know. Emails from people they do know can also contain these links. The first major computer virus spread as part of an image download. Emails from contacts that read something along the lines of \u201cYou\u2019ll love this\u201d with a link, are excellent candidates for the delete button.<\/p>

Good Internet hygiene is crucial.<\/strong>\u00a0Keep those pop-up blockers on, and never click links you aren\u2019t sure of. Some clinics even go as far as restricting the kind of websites accessible from the clinic network.<\/p>

Passwords are critical to protecting your files.<\/p>

Everyone needs their own login to systems containing patient info be compliant, so no sharing usernames and passwords.\u00a0Individual passwords should be long at 12 to 15 characters, and complex including upper and lower case as well as numbers and special characters like #$%^& (but length beats complexity)<\/strong>.\u00a0Wired reports<\/a>\u00a0that you need to stop using standard or basic passwords like \u2018password1\u2019, \u201812345\u2019, or \u2018Qwerty\u2019. Also make sure to change defaults and don\u2019t use full words from the dictionary, and steer clear of simple patterns or incremental numbers.<\/p>

Further, Wired\u2019s interview with security experts says you should spread special characters through passwords instead of clumping them at the end.\u00a0Creating a unique password for each different login is a great idea<\/strong>, although it might seem like a pain it\u2019s nowhere near as bad as scrambling to recover from a ransomware attack. Read the full wired article for more great advice.<\/p>

Step two is to ensure security measures are up to date.<\/h3>

Hackers are always looking for new ways in through anti-virus protection software. While software companies continually test and improve their security, sometimes, the black hats win – at least for a little while. As soon as an entry point is discovered, updates are released to patch the hole and block attacks.\u00a0Always maintain the latest version of all clinic software<\/strong>, it is the most secure and regularly scan for viruses.<\/p>

Step three is to back up back up back up.<\/h3>

Ransomware attacks are only a problem if they lock up data you don\u2019t have securely stored anywhere else.\u00a0Regularly back up all of your files.<\/strong>\u00a0In the event of a ransomware attack, you can more easily recover, and avoid paying the ransom if you have an up to date backup (backup daily – make it part of your process). Keep your back up somewhere off your network, like an external hard drive that gets unplugged and locked up at night.<\/p>

Step four is communications compliance.<\/h3>

Eliminating the use of standard email in your clinic will remove a majority of the way ransomware gets in.\u00a0<\/strong>That doesn\u2019t mean you have to give up digital communications, you need to implement something stronger than email.<\/p>

Brightsquid Secure-Mail and Secure Health Exchange are closed systems. Spammers aren\u2019t allowed in, so no one can just type random email addresses in hopes they get a real inbox with a human clicking links on the other end. People on our system are verified healthcare professionals or identity authenticated patients. And we scrub messages for malicious content like links and attachments. We don\u2019t allow executable files such as ransomware viruses to be uploaded to our system – so they can\u2019t get to you.<\/p>

What that means is that\u00a0exclusively using a secure communication service like Brightsquid that blocks malicious files and phishing scams can keep ransomware from getting in.<\/strong>\u00a0We have clinics that refuse communication in any other format just for that reason, they\u2019re serious about keeping their system clean.<\/p>

Stay compliant.<\/h3>

All of these steps are, of course, best practices. Beyond that, some are actually regulatory requirements. Creating policies and procedures in line with your regulatory responsibilities does more than just protect you from fines, those rules are in place because they do, in fact,\u00a0protect your patients and your clinic from the growing criminal threat on the internet.<\/strong><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

Ransomware attacks happen when malware infiltrates your computer systems and locks your access to files by encrypting them. Once your files are […]<\/p>\n","protected":false},"author":1,"featured_media":3109,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2332","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-brightsquid-blog"],"yoast_head":"\nHow to Avoid Ransomware | HIPAA Compliant Email Blog<\/title>\n<meta name=\"description\" content=\"In this article, our privacy experts discuss a set of guidelines and best practices that can prevent ransomware attacks on your clinic and safeguard your patient data.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Avoid a Ransomware Attack\" \/>\n<meta property=\"og:description\" content=\"In this article, our privacy experts discuss a set of guidelines and best practices that can prevent ransomware attacks on your clinic and safeguard your patient data.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"Brightsquid US | Simplify Clinic Operations, Prevent Privacy Breaches\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-01T02:14:28+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-05-20T15:20:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/brightsquid.com\/us\/wp-content\/uploads\/sites\/2\/2023\/09\/secure-clinic-messaging-relieving-privacy-pressure-from-healthcare-brightsquid-blog.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"812\" \/>\n\t<meta property=\"og:image:height\" content=\"372\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Brightsquid Secure Communications\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Brightsquid Secure Communications\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/brightsquid.com\/us\/how-to-avoid-a-ransomware-attack\/\",\"url\":\"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/\",\"name\":\"How to Avoid Ransomware | HIPAA Compliant Email Blog\",\"isPartOf\":{\"@id\":\"https:\/\/brightsquid.com\/us\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/brightsquid.com\/us\/wp-content\/uploads\/sites\/2\/2023\/09\/secure-clinic-messaging-relieving-privacy-pressure-from-healthcare-brightsquid-blog.jpg\",\"datePublished\":\"2023-09-01T02:14:28+00:00\",\"dateModified\":\"2025-05-20T15:20:02+00:00\",\"author\":{\"@id\":\"https:\/\/brightsquid.com\/us\/#\/schema\/person\/6172cfd5b58366fc9449c27459fe3205\"},\"description\":\"In this article, our privacy experts discuss a set of guidelines and best practices that can prevent ransomware attacks on your clinic and safeguard your patient data.\",\"breadcrumb\":{\"@id\":\"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/#primaryimage\",\"url\":\"https:\/\/brightsquid.com\/us\/wp-content\/uploads\/sites\/2\/2023\/09\/secure-clinic-messaging-relieving-privacy-pressure-from-healthcare-brightsquid-blog.jpg\",\"contentUrl\":\"https:\/\/brightsquid.com\/us\/wp-content\/uploads\/sites\/2\/2023\/09\/secure-clinic-messaging-relieving-privacy-pressure-from-healthcare-brightsquid-blog.jpg\",\"width\":812,\"height\":372},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/brightsquid.com\/us\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Avoid a Ransomware Attack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/brightsquid.com\/us\/#website\",\"url\":\"https:\/\/brightsquid.com\/us\/\",\"name\":\"Brightsquid US | Simplify Clinic Operations, Prevent Privacy Breaches\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/brightsquid.com\/us\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/brightsquid.com\/us\/#\/schema\/person\/6172cfd5b58366fc9449c27459fe3205\",\"name\":\"Brightsquid Secure Communications\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/brightsquid.com\/us\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/6087d6d32268cb4d89627c663c0b150d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/6087d6d32268cb4d89627c663c0b150d?s=96&d=mm&r=g\",\"caption\":\"Brightsquid Secure Communications\"},\"sameAs\":[\"https:\/\/brightsquid.com\"],\"url\":\"https:\/\/brightsquid.com\/us\/author\/lro99\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to Avoid Ransomware | HIPAA Compliant Email Blog","description":"In this article, our privacy experts discuss a set of guidelines and best practices that can prevent ransomware attacks on your clinic and safeguard your patient data.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/","og_locale":"en_US","og_type":"article","og_title":"How to Avoid a Ransomware Attack","og_description":"In this article, our privacy experts discuss a set of guidelines and best practices that can prevent ransomware attacks on your clinic and safeguard your patient data.","og_url":"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/","og_site_name":"Brightsquid US | Simplify Clinic Operations, Prevent Privacy Breaches","article_published_time":"2023-09-01T02:14:28+00:00","article_modified_time":"2025-05-20T15:20:02+00:00","og_image":[{"width":812,"height":372,"url":"https:\/\/brightsquid.com\/us\/wp-content\/uploads\/sites\/2\/2023\/09\/secure-clinic-messaging-relieving-privacy-pressure-from-healthcare-brightsquid-blog.jpg","type":"image\/jpeg"}],"author":"Brightsquid Secure Communications","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Brightsquid Secure Communications","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/brightsquid.com\/us\/how-to-avoid-a-ransomware-attack\/","url":"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/","name":"How to Avoid Ransomware | HIPAA Compliant Email Blog","isPartOf":{"@id":"https:\/\/brightsquid.com\/us\/#website"},"primaryImageOfPage":{"@id":"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/#primaryimage"},"image":{"@id":"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/brightsquid.com\/us\/wp-content\/uploads\/sites\/2\/2023\/09\/secure-clinic-messaging-relieving-privacy-pressure-from-healthcare-brightsquid-blog.jpg","datePublished":"2023-09-01T02:14:28+00:00","dateModified":"2025-05-20T15:20:02+00:00","author":{"@id":"https:\/\/brightsquid.com\/us\/#\/schema\/person\/6172cfd5b58366fc9449c27459fe3205"},"description":"In this article, our privacy experts discuss a set of guidelines and best practices that can prevent ransomware attacks on your clinic and safeguard your patient data.","breadcrumb":{"@id":"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/#primaryimage","url":"https:\/\/brightsquid.com\/us\/wp-content\/uploads\/sites\/2\/2023\/09\/secure-clinic-messaging-relieving-privacy-pressure-from-healthcare-brightsquid-blog.jpg","contentUrl":"https:\/\/brightsquid.com\/us\/wp-content\/uploads\/sites\/2\/2023\/09\/secure-clinic-messaging-relieving-privacy-pressure-from-healthcare-brightsquid-blog.jpg","width":812,"height":372},{"@type":"BreadcrumbList","@id":"https:\/\/brightsquid.com\/how-to-avoid-a-ransomware-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/brightsquid.com\/us\/"},{"@type":"ListItem","position":2,"name":"How to Avoid a Ransomware Attack"}]},{"@type":"WebSite","@id":"https:\/\/brightsquid.com\/us\/#website","url":"https:\/\/brightsquid.com\/us\/","name":"Brightsquid US | Simplify Clinic Operations, Prevent Privacy Breaches","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/brightsquid.com\/us\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/brightsquid.com\/us\/#\/schema\/person\/6172cfd5b58366fc9449c27459fe3205","name":"Brightsquid Secure Communications","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/brightsquid.com\/us\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/6087d6d32268cb4d89627c663c0b150d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/6087d6d32268cb4d89627c663c0b150d?s=96&d=mm&r=g","caption":"Brightsquid Secure Communications"},"sameAs":["https:\/\/brightsquid.com"],"url":"https:\/\/brightsquid.com\/us\/author\/lro99\/"}]}},"_links":{"self":[{"href":"https:\/\/brightsquid.com\/us\/wp-json\/wp\/v2\/posts\/2332"}],"collection":[{"href":"https:\/\/brightsquid.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/brightsquid.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/brightsquid.com\/us\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/brightsquid.com\/us\/wp-json\/wp\/v2\/comments?post=2332"}],"version-history":[{"count":18,"href":"https:\/\/brightsquid.com\/us\/wp-json\/wp\/v2\/posts\/2332\/revisions"}],"predecessor-version":[{"id":5340,"href":"https:\/\/brightsquid.com\/us\/wp-json\/wp\/v2\/posts\/2332\/revisions\/5340"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/brightsquid.com\/us\/wp-json\/wp\/v2\/media\/3109"}],"wp:attachment":[{"href":"https:\/\/brightsquid.com\/us\/wp-json\/wp\/v2\/media?parent=2332"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/brightsquid.com\/us\/wp-json\/wp\/v2\/categories?post=2332"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/brightsquid.com\/us\/wp-json\/wp\/v2\/tags?post=2332"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}