A holiday weekend is something people look forward to, including cybercriminals, but they aren’t busy trying to relax like the rest of us. Instead, they like to target businesses during the holiday season.
Read more: HIPAA compliant email: The definitive guide
Why do the holidays increase the chances of a cyberattack?
The biggest reason why hackers like to initiate cyberattacks during a holiday is that IT teams are shorter staffed. Businesses may be running on a minimally operational team since many employees take time off to enjoy the holiday.
For example, the July 4th weekend saw a huge surge of network disruption when Kaseya software fell victim to a ransomware attack. It caused hundreds of businesses to close and is considered the largest ransomware attack on record. The attack reportedly started on Friday afternoon as many employees logged off and headed into the holiday weekend.
While cybercriminals target all businesses during a holiday, they especially like to exploit the healthcare industry. The pandemic saw a significant increase in the number of ransomware attacks and difficulty treating patients due to network outages. Cybercriminals are aware that healthcare organizations depend on their network to treat their patients and may feel more pressure to pay a ransom to restore their operations.
What can you do to protect your healthcare business?
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) recently released best practices for ransomware awareness during holidays. Some of their recommendations include:
- Review data logs for suspicious activity
- Have IT employees available to respond to a ransomware attack over a holiday
- Make an offline backup of data
- Conduct employee training on phishing schemes
- Require multi-factor authentication (MFA)
- Monitor RDP access to resources over internal networks and use a VPN
- Ensure business associates are following appropriate security measures
- Have a strong password policy
- Keep an incident response plan
Consider email security with Paubox
Healthcare professionals need to ensure that they are sending HIPAA compliant email. The safety of their data depends on it. Paubox Email Suite automatically encrypts all outgoing emails and delivers them directly to a patient’s inbox. You don’t need patient portals to safely communicate with your patients. Plus, patients prefer email communication.