Reducing the Risk of Ransomware
Cerner’s cybersecurity team has been keeping close tabs on the recent rash of ransomware outbreaks in the health care industry, including analyzing the latest malware to develop recommendations for providers to consider in their environments.
This ransomware is more complex than past variants. It’s installing a batch file, along with an .exe – specifically sdelete.exe – that is a legitimate Microsoft application. It also is writing a series of zeros and ones to the file share that makes it impossible for forensics tools to obtain the encryption key.
Some steps you can take to help protect your environment include:
The steps above won’t guarantee you won’t be affected by ransomware, but they will help reduce your risk and enable you to detect and respond quickly if your environment is ever affected.