protecting your pharmacy from a ransomware attack
Post on 18-Jan-2017
Embed Size (px)
Protecting Your Pharmacy From a Ransomware AttackAugust 23, 2016
Justin Sotomayor, PharmDPharmacy Informatics Director, CompleteRx2Speaker
Consider these scenarios3How could a ransomware attack affect you?Scenario 11. Your ICU patients drip runs out2. The ADC is down3. You call pharmacyno answer4. Youve been hacked!5. What do you do? Scenario 21. Youre entering pain medications2. Skull/crossbones flash on screen3. Youre instructed to pay or else!4. Theres no way to print a label5. What do you do?
What are ransomware attacks?Ransomware is a form of malware which restricts user access to whole operating systems or specific files on a system through encryptionIn ransomware attacks, hackers manipulate users into downloading malicious software, lock down their data, and then extort them for money (typically, bitcoin) for the key to unlock or decrypt itPharmacies should pay special attention to ransomware attacks4Lets take a step backWhat are bitcoins?Open-source, peer-to-peer virtual currencyValue increases and decreases like stock Private, tied to a bitcoin address vs. a traceable entity
TypicallyHacker targets user via phishing attack or malvertisingUser inadvertently downloads malwareHacker locks down users files or whole computerRansomware may spread to connected files/computersUser pays ransom or risks hacker destroying the files5How do ransomware attacks work?
6How do you prepare for a ransomware attack?PlanPreventMaintainRespond
Develop a ransomware plan with elements, such as:Downtime proceduresDecision treesRoles and responsibilitiesCybersecurity policiesStrategic partnerships7Step 1: Plan
Prevent ransomware attacks via: AuthenticationAntivirus software and firewallsPop-up blockersEmployee awareness8Step 2: Prevent
Implement ongoing cybersecurity best practices, such as:Regular back upsSecond line connectivityStrong passwordsSoftware updatesEmployee education modules9Step 3: Maintain
Should an attack occur, take action:Disconnect from the network and internetDisable file sharingDisable remote servicesActivate disaster planAlert the authorities
10Step 4: Respond
When it went wrong:Kansas Heart Hospital was hit the week of May 22It lost access to critical files for several daysIt paid the ransom, and the hackers asked for more!When it went right:Youll never hear about itProper safeguards = business continuity = no press!
11Case Study: A Tale of Two Hospitals
12Lets revisit those initial scenariosNow what would you do?Quarantine infected machinesDeploy paper documentationOverride ADC machines, as necessary, to retrieve patient medicationPull archived MARs, and deliver them to nursing unitsSchedule pickup of paper ordersWork with IT to wipe machines/upload a backup of the EHR to the serverOnce tested, bring the system back onlineSend paper documentation to pharmacy and other areasEnter data into EHR
Questions? For more information:Visit our website: www.completerx.comFollow us on Twitter: @CompleteRxOr on Facebook: www.facebook.com/completerxKeep in touch: firstname.lastname@example.org