Ransomware response planning

After the attack that shut down Hollywood Presbyterian Hospital, it is clear that HIPAA disaster recovery and business continuity plans should include some level of ransomware response planning.   What kinds of issues should you expect and how can you mitigate the damage from a ransomware attack?  That is the topic of discussion for this episode.

March 04, 2016
HIPAA For MSPs by David Sims Ep 43: Ransomware Response Planning March 04, 2016
00:00:00 00:00:00

Ransomware Response Planning

The details aren’t out yet but it is apparent that Hollywood Presbyterian Hospital didn’t have a tested, reliable plan for dealing with a ransomware attack.  Your plan can’t be just to use paper until the computer comes back up.  Your plan should be tested, at least as much as possible.

Some of the headlines about the attack:

All the various articles mention how serious the problem was in this case.  There aren’t details of how the encryption malware was distributed to create such a serious lock down of systems.  Your ransomware response planning activities need to begin now.

What is the difference between file syncing and backup?  Why do you care?

What can you do to try to prevent these kinds of programs from getting loose in your network?  See Cryptoprevent and educate your users.  It is very hard to be 100% certain that you can stop these attacks.  In fact, most cases can’t be prevented by Anti-virus and Anti-malware programs.  Educated users, patched systems, Cryptoprevent, and a solid backup plan is what will save you when you get hit.