OakBend Medical Center in Richmond, Texas, is operating under electronic health record (EHR) downtime in the wake of a September 1 ransomware attack. The facility is bringing its “clinical systems back online in a controlled, systematic environment,” and has continuing phone and email issues.
- Be prepared for collateral damage, such as your phone or email being offline, when recovering from a ransomware attack. Make sure that your business continuity plans are updated and regularly tested. Double-check that your recovery times are both achievable and acceptable to senior management. Double-check that you’re limiting lateral movement, both by segmentation and access controls, to reduce the need to proactively take everything offline after an attack. Make sure your rolodex includes verified contacts not only for helping with recovery but also for investigation and reporting, before you need them.
- Healthcare continues to be plagued by ransomware. It is hard to know whether this is because they are being specifically targeted or because they are vulnerable. However, the impact on EHR is because these systems are not sufficiently isolated from the public networks. Where such systems do use the public networks, they must be protected by end-to-end encryption and application-aware firewalls.