As PR Manager here at Zeguro, my typical workday revolves around staying abreast of cybersecurity and general technology news, while maintaining a list of relevant reporters who require updates on our company and technology. My browser certainly has more bookmarks than your typical tech worker when it comes to security breaches and cyber malpractice of companies of all sizes, but last week’s events struck particularly close to home.
After practicing orthopedic surgery in top South Bay hospitals and running a successful partner practice, my father turned to medlegal work in the late 90s when he could no longer perform surgeries. I used to work for him in my teenage years during the summer months, and I can still remember the mountains of patient files that required constant updating and sorting during the dawn of digital.
Well, last week, both my father and his IT department were likely wishing they could turn back the hands of time to the days of manila folders, because he got hit with a ransomware attack.
He noticed inconsistencies on his screen while dictating in the afternoon, and immediately called his longtime IT freelancer when he was locked out of his main machine at his desk. Because he was actually in the office and IT support was notified and on remote access, they were able to watch in real time as the keyboard configuration was changed to a Russian layout, and patient files were systematically locked down in reverse alphabetical order.
A sophisticated attack will plant an executable file once inside the network; there would be no need for manual encryption, so my father’s people knew at least they weren’t dealing with A-grade cyber criminals, but the headache and downtime this episode caused is no joke.
No ransom was paid in the end because nightly backups were executed on Barracuda cloud solutions. The decision to wipe all machines and accept the cost to business for downtime and overtime for IT was a difficult one, however. The price tag is still being tallied, but because of recent planned power outages in the area for fire protection, the recovery is slower and more expensive than initially considered. My father, in the meantime, is checking out cyber insurance!
My personal takeaways after listening to my father’s story are that businesses like medical and legal that store lots of customer data are at risk of cyber attacks and ransomware, no matter what their size. Bi-weekly backups (if not daily) can help offset the downtime caused by a ransomware attack, but you will still have considerable business disruption. Make sure you have insurance with coverage for paying IT to get you back up, but more importantly (since we are still determining how this breach occurred) educate your employee base on cyber risks and best practices, no matter the size of the business.