Upload
completerx
View
195
Download
3
Embed Size (px)
Citation preview
Protecting Your Pharmacy From a Ransomware AttackAugust 23, 2016
2
Justin Sotomayor, PharmD
Pharmacy Informatics Director, CompleteRx
2
Speaker
3
Consider these scenarios…
3
How could a ransomware attack affect you?
Scenario 11. Your ICU patient’s drip runs out2. The ADC is down3. You call pharmacy…no answer4. You’ve been hacked!5. What do you do?
Scenario 21. You’re entering pain medications2. Skull/crossbones flash on screen3. You’re instructed to pay or else!4. There’s no way to print a label5. What do you do?
4
What are ransomware attacks?• Ransomware is a form of malware which
restricts user access to whole operating systems or specific files on a system through encryption
• In ransomware attacks, hackers manipulate users into downloading malicious software, lock down their data, and then extort them for money (typically, bitcoin) for the “key” to unlock or decrypt it
• Pharmacies should pay special attention to ransomware attacks
4
Let’s take a step back…
What are bitcoins?• Open-source, peer-to-peer virtual
currency• Value increases and decreases
like stock • Private, tied to a bitcoin address
vs. a traceable entity
5
Typically…• Hacker targets user via phishing attack or “malvertising”
• User inadvertently downloads malware
• Hacker locks down user’s files or whole computer
• Ransomware may spread to connected files/computers
• User pays ransom or risks hacker destroying the files
5
How do ransomware attacks work?
6 6
How do you prepare for a ransomware attack?
Plan Prevent Maintain Respond
Proactively…
7
Develop a ransomware plan with elements, such as:• Downtime procedures
• Decision trees
• Roles and responsibilities
• Cybersecurity policies
• Strategic partnerships
7
Step 1: Plan
8
Prevent ransomware attacks via: • Authentication
• Antivirus software and firewalls
• Pop-up blockers
• Employee awareness
8
Step 2: Prevent
9
Implement ongoing cybersecurity best practices, such as:• Regular back ups
• Second line connectivity
• Strong passwords
• Software updates
• Employee education modules
9
Step 3: Maintain
10
Should an attack occur, take action:• Disconnect from the network and internet
• Disable file sharing
• Disable remote services
• Activate disaster plan
• Alert the authorities
10
Step 4: Respond
11
When it went wrong:• Kansas Heart Hospital was hit the week of May 22• It lost access to critical files for several days• It paid the ransom, and the hackers asked for more!
When it went right:• You’ll never hear about it• Proper safeguards = business continuity = no press!
11
Case Study: A Tale of Two Hospitals
12 12
Let’s revisit those initial scenarios…
Now what would you do?• Quarantine infected machines
• Deploy paper documentation
• Override ADC machines, as necessary, to retrieve patient medication
• Pull archived MARs, and deliver them to nursing units
• Schedule pickup of paper orders
• Work with IT to wipe machines/upload a backup of the EHR to the server
• Once tested, bring the system back online
• Send paper documentation to pharmacy and other areas
• Enter data into EHR
13
Questions? For more information:• Visit our website: www.completerx.com
• Follow us on Twitter: @CompleteRx
• Or on Facebook: www.facebook.com/completerx
• Keep in touch: [email protected]
13
Thank you!