ECRI recommendations for healthcare leaders to address ransomware attacks on remote access systems
April 18, 2024
ECRI recently published a report that includes recommendations for healthcare leaders to address ransomware attacks on remote access systems.
Some of the recommendations are:
- Ensure that internet-facing systems (e.g., remote access systems, VPNs) are configured securely and that security updates are applied.
- Consider blocking network traffic to internet-facing systems from potentially adversarial countries with which your organization does not conduct business.
- Routinely audit logs and traffic from remote access systems.
- Do not ignore other attack vectors such as phishing and password compromise.
- Develop incident response plans that include ransomware contingencies and recovery.
- Maintain backup and recovery methods for all IT systems, and periodically test restoration from backups.
- Consult legal counsel in the event of a data breach or ransom demand. Consider that payment of a ransom incentivizes future attacks, and that payment is not a guarantee that systems will be restored, either in part or in full.