Can A Software Patch Prevent A Ransomware Attack?
This patch, more than eight years overdue, could have prevented the MedStar Health Ransomware Attack
Some things just make you want to grind your teeth. Even after hospitals in California and Kentucky had been attacked during the last 30 days, other health care companies didn’t do the obvious thing and examine their own cybersecurity measures to ensure that the exact same thing didn’t happen to them. You really have to wonder: what are these people thinking… or NOT thinking?? And from a technical standpoint it makes you wonder: Can A Software Patch Prevent A Ransomware Attack?
Cybersecurity attacks come in all shapes and forms and in various levels of sophistication. Some require a deep dive into the code of a website to find a back door and then expert “drilling” to plant nefarious trojans or viruses. Others require a phone call with a plea to the customer support rep on the other end of the line for help – referred to as “social engineering” in the industry. But the easiest hacks are those that are known to the hacker world and referenced regularly in postings on the “dark web” that become relatively common knowledge.
That’s exactly the kind of attack that made the folks at MedStar Health, one of the largest health care providers on the east coast, miserable. As described in this Ars Technica article (those guys do such a great job explaining the complex in simple language) an old – practically ancient by cybersecurity standards – but gaping hole was left in MedStar’s security because they hadn’t installed a simple software patch that was available as far back as 2007. The end result was patients and doctors being locked out of the system and a fire drill for the IT department.
Now, in fairness, credit goes to MedStar for preventing a total disaster. According to them, none of their patients’ data was compromised and they didn’t pay any ransom to recover their files. But really, guys, a nine-year-old patch could have prevented this attack and the embarrassment that came with it in the first place.
So what does this mean to you or your company? Simple:
- Keep software up-to-date.
- Install security patches as recommended by the software publisher.
- Audit your system regularly (preferably by having an outside firm do it).
Remember this: It takes a long time to build a reputation and just a few seconds to destroy it. Sure, there are more ways to get hacked than simply overlooking a software patch, but this one is pretty easily handled. Don’t let a ransomware attack disrupt your business. Be careful. Be diligent. BeCyberAware!