New Ransomware Attack Threatens Healthcare Sector

October 30, 2020

threatening hooded figure with the word cyber security superimposed to illustrate post on best practices for cybersecurity

Tower’s cybersecurity partners, Avertium and Vigilant, have advised us of a major ransomware attack, primarily targeting the healthcare sector.  The threat actor, known as “Ryuk,” uses phishing e-mails to gain access and then control of the victim’s computer and ultimately the company’s network.  Once in control, files are encrypted and only decrypted in exchange for a “ransom.”

Avertium sent Tower this joint cybersecurity advisory from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) detailing a resurgence of this threat.  Avertium also provided its cyber intelligence report which includes information on the attack and preventive measures.

Tower’s Response to Ransomware Threats

As a company that works directly with the healthcare sector, protection of our client’s information is critical to our Medicare Secondary Payer compliance services.  Consequently, upon receiving the report of the Ryuk threat we immediately contacted our cybersecurity partner, Vigilant Technology Solutions, to confirm protections are in place to counteract any threats to Tower’s system.

Vigilant assured us that cybersecurity best practices are in place.  First, its CyberDNA solution actively monitors Tower’s data traffic 24/7 and responds to threats in real time.  Second, our network-installed McAfee Endpoint Protection (MEP) identifies a potential threat as early as possible and prevents the threat from entering the network or database.  Third, our IT pros have previously taken the following recommended actions to keep customer data secure:

  • Ensure MEP is fully deployed to all applicable/at risk assets within your environment
  • Provide security awareness communications to employees as a reminder to be mindful during day-to-day activity:
    • Never open unsolicited emails and their attachments. 
    • Be wary of suspicious looking advertisements.
    • Limit / avoid the use of personal email on company assets.
  • Regularly update infrastructure (both operating system and application software) with the latest patches to ensure full coverage in addition to updated McAfee Anti-Virus software.
  • Ensure backups of data/records are regularly performed and available.

We urge our clients to confirm the above preventive measures are in place for their own network security. 

For more detailed information on preventing ransomware attacks, CISA provides an updated guide which can be found here.  If you have any questions regarding Tower’s cybersecurity program, please contact Jesse Shade, VP of Information Technology at jesse.shade@towermsa.com or 888.331.4941.