Risk Alert: Ransomware Attacks May Continue

May 15, 2017 Cathy Bryant

On Friday, May 12, health care organizations in several countries fell victim to the WannaCry ransomware infection. It is believed that these ransomware attacks will continue to spread today, as users log in to their computers to start the workweek.

TMLT policyholders are urged to do the following to prevent an attack.

  • Be extra vigilant about cyber security.
  • Emails may be the source of the ransomware. Look carefully at the sender’s email address. Spoofed emails look like they are sent from legitimate senders.
  • Do not click on links you are unsure of.
  • Do not open attachments you are not expecting or that you do not recognize.
  • Do not enable macros from email attachments.
  • Print the U.S. Department of Homeland Security Alert on the WannaCry ransomware  and share with your staff.
  • Conduct frequent education and reminders to staff on ransomware.
  • Make real-time backups and store offline.
  • Keep operating systems and all software applications updated.
  • Maintain antivirus, and anti-malware software.
  • Verify that your data recovery plan is current.
  • Consider testing your restore from backup to assure your back-up data will be available and complete.

If you are attacked

  • Disconnect the affected device from the network.
  • If the device is connected with a network cable, disconnect it immediately.
  • If the device is connected wirelessly; hold the power button down until the light goes off.
  • Notify your IT staff/consultant immediately.
  • Notify TMLT’s Claims Department to report the security incident under your cyber insurance.
  • Notify local law enforcement and the regional office of the FBI.
  • Report any ransomware incidents to the Internet Crime Complaint Center (IC3).

Stay vigilant

Security awareness and training is an ongoing process required by the HIPAA Security Rule. TMLT will publish a series of cyber security helpful tips on our website. Check the site regularly or follow us on social media for updates.

For more information on how TMLT can help you or to schedule a cyber risk assessment, contact us through  at consultingwebmail@tmlt.org.

About the Author

Cathy Bryant

Cathy joined TMLT in 2010 and serves as the Senior Compliance and Risk Management Representative. Cathy leads the development and implementation of TMLT’s cyber risk management services. Cathy Bryant can be reached at cathy-bryant@tmlt.org.

Visit Website More Content by Cathy Bryant
Previous Article
Ransomware: A Clear and Present Danger

Case studies is to help physicians respond appropriately to ransomware attacks.

Next Article
Preserving evidence Is vital in a ransomware attack

Providers can take steps following an attack to help preserve evidence, which may help them meet their burd...

WEBINAR: Surviving an OCR investigation

Learn More