By Ashleigh McMillan
Optometry Australia is urging practitioners to back up their data and files, as a new wave of ransomware attacks targets health-care providers and small business owners.
The WannaCry ransomware attack started on 12 May, with 200,000 victims now impacted across 150 countries. The ransomware infiltrated 47 organisations in the English National Health Service, causing hospital shutdowns and patients to be turned away.
The self-replicating software used during the attack was able to spread across computer networks by exploiting vulnerabilities in Microsoft Windows systems which had not been recently updated.
WannaCry uses encryption algorithms to block system files on an infected computer, before demanding an escalating ransom between US$300 to US$600 to decrypt files. To date, hackers behind the attack have received 297 payments from victims, totalling more than $133,000.
Target small business
WannaCry isn’t the only online threat crippling health providers. McClatchy reports that a hacking group called The Dark Overlord is stealing patient records from American medical and allied health clinics, with records being leaked online or sold on the black market.
Optometry Australia has previously reported on the real threat of ransomware for optometry practices, with patient records destroyed in 2016 due to a ransomware attack.
Hackers are likely to target small businesses because they are less likely to back up data regularly and may have out of date software. Hackers are aware that a successful ransomware siege can cause major business disruption, making small business owners more likely to pay the ransom.
National professional services manager Luke Arundel says the key is to regularly back up your system and clinical records, so that you don’t have to pay an escalating ransom if infected.
‘If someone cripples or paralyses your system and demands money to have files returned, if you have a back-up you can dump and purge the computers and start again with the recent back-up, Mr Arundel said.
‘In many ways, the WannaCry ransomware attack was a lucky escape for Australia but optometrists need to be proactive because the number of online scams is increasing and this is just the tip of the iceberg.
‘In recent interviews with hackers, they’ve said ransomware is a penalty that people have to pay for not having sufficient back-ups and adequate security, so it’s only going to get worse,’ he said.
According to the May 2017 ACCC report Targeting Scams, more than $2.9 million dollars was lost from online scams in 2016, a four-fold increase from 2015.
- Ensure you have installed current Microsoft Windows updates, as they patch the vulnerabilities exploited by the WannaCry software. Ensure you install computer updates when they’re available, as they may protect you from a future attack.
- Regularly back-up your system and files. Don’t forget to check the back-up itself at regular intervals, so that you know that it works.
- Ensure your AntiVirus software remains up to date. However, you can’t rely on this software alone; a back-up will save you when malicious software has slipped through the cracks.
- Do not click on suspicious links or attachments in emails or online. Teach your practice staff to be wary of them.