Category: News & Events
October 26 2016
Description of this Image

Cerner’s cybersecurity team has been keeping close tabs on the recent rash of ransomware outbreaks in the health care industry, including analyzing the latest malware to develop recommendations for providers to consider in their environments.

This ransomware is more complex than past variants. It’s installing a batch file, along with an .exe – specifically sdelete.exe – that is a legitimate Microsoft application. It also is writing a series of zeros and ones to the file share that makes it impossible for forensics tools to obtain the encryption key.

Some steps you can take to help protect your environment include:

  1. Keeping your antivirus signatures up to date.
  2. Continuing to educate your staff around phishing emails, which are the primary delivery method for this type of malware.
  3. Performing regular patching of your environment.
  4. Monitoring your environment for any suspicious network traffic.
  5. Maintaining current backups of all critical file shares.

The steps above won’t guarantee you won’t be affected by ransomware, but they will help reduce your risk and enable you to detect and respond quickly if your environment is ever affected.

Don Kleoppel,Chief Security Officer

Don Kleoppel Chief Security Officer Cerner

@cerner

More from Don Kleoppel

Top Hit Blogger_Healthcare IT Leaders
;