Recently released technical guidance from the U.S. departments of Homeland Security, Justice, and Health and Human Services (HHS) contains hospital best practices to prevent and mitigate the damage of ransomware.

Ransomware is a cybersecurity threat in which an attacker gains access to a network, encrypts its data, and holds the network hostage for payment. The guidance offers several steps that hospitals can take to prevent ransomware attacks:

  • Educating and training employees about cybersecurity threats
  • Using strong spam filters and scanning emails to detect threats
  • Installing antivirus and anti-malware software to conduct regular scans

Hospitals should also back up data regularly to preserve important records in the event of an attack.

According to the guidance, ransomware is the fastest-growing malware threat and is immediately disruptive to systems. Several health care organizations recently have been affected by ransomware.

Hospitals affected by ransomware should contact a FBI field office Cyber Task Force or local U.S. Secret Service field office immediately.

Contact Director of Policy Erin O’Malley at eomalley@essentialhospitals.org or 202.585.0127 with questions.