Ransomware attack

Name

Professor

Date

Memo

DATE:

FROM: Head of IT Department

SUBJECT: Ransomware Attacks

Due to prevalent Ransomware attacks targeting hospitals around this state, I have been directed to find long term solution(s) to such malice.

I will highlight with the aid of a chart four steps that will help us curb this menace.

Kindly see to it that the steps are followed to the letter.

• 
  Create a standard back-up process for the data. This backup should be made recurrent.
  
• 
  Copies of these backups should be stored offline to guarantee that the malware has no access to them.( Ioanid, et al (2017, September).
  
• 
  The hospital should maintain a” gold image” of system configurations, that is, a configuration that allows the hospital to reset systems to the pre-attack state.
  
• 
  Staff responsible for maintaining all of the computers’ operating systems, applications, software, browsers and plug-ins , firmware and anti-virus software should ensure they are up-to-date with the latest patches.Before applying the patches, professionals from the IT department must thoroughly test them, along with the rest of the technical and application infrastructure so as to ensure the hospital’s firewall is properly configured by requiring passwords on Remote Desktop Protocol(RDP) ports( Ioanid, et al 2017, September).
  
• 
  Categorize IT assets e.g. desktops, servers , routers ,data, and personnel into groups and restrict access to these groups using entry and exit traffic filtering. Also, at the local device level, the hospital should consider disabling USB( Universal Serial Bus) ports to prevent malicious software delivery.( Hassan et al,2019). 
  
• 
  The hospital should also develop a “whitelist” of specified programs that are allowed to run, while blocking all others in order to prevent malicious executanles from running.
  
• 
  Restrict the ability of users to “write” which is to create and delete files on shared drives of departmental or group shares.
  

• 
  Adequate training of prsonell once all computers and networks are installed and configured
  
• 
  Review of the hospital’s wide e-mails to ensure they conform to the criteria of legitimacy
  
• 
  IT profeddiond must help create messages that users can easily identify them as legitimate e-mails. All email and website links should display the complete interest address(URL) to build trust.( Hassan et al,2019). 
  
• 
  Conducting phishing attacks by send fake (but safe) e-mails or links to websites that appear to be from legitimate sources.
  
• 
  IT department personnel should configure their virus protection software to scan all software downloaded from the internet prior to allowing users to perform it. (Sittig, et al ,2016)
  

• 
  Develop a network and user activity monierinfg system that conducts surveillance for suspicious activities
  
• 
  Contionousley monitor the external environment for new security incidents
  

In any indication that you have been attacked the the malware, you should do the following:

• 
  Turn off the computer and report it to the IT support team immediately
  
• 
  The IT professional will disconnect the infected computer(s) from the network and turn off wireless network functionality of the infected machine.
  
• 
  If the attack is widespread, all network operations ie both wired and wireless to prevent further spread
  
• 
  Once the threat is contained, the IT department will contact the hospital’s insurance 9
  

In coclusion,with the recent swift adoption of EHRs, the treat of ransonware in hospitals has been rampant. Sending a simple email mess age to all staff reminding them not to ckicvk on suspicious links or attachements is no longer suffient in preventing the threat of cyber attacks in this cuirrent environment.