Simple steps radiology leaders can take to fight back against ransomware

Manufacturing remains the industry most commonly targeted by ransomware criminals, but healthcare is gaining fast. One recent report showed attacks in the medical sector up 650% this year over last.

In an educational session at RSNA 2022 on Monday, two experts cited the sobering statistics and offered some surprisingly easy ways to thwart bad actors who may eye poorly prepared radiology practices as easy paydays.

Former FBI special agent and chief of strategic initiatives David Miller, MPA, who now works as chief administrative officer of Imagine Software, was joined by Barbara Rubel, MBA, senior VP of business development at MSN Healthcare Solutions.

Noting that cybercriminals have learned to sidestep law enforcement by marketing “ransomware as a service” for a price on the Dark Web, Miller suggested occasionally asking desktop support staff “a little about what you’re up to today.”

This modest workplace interaction “can help you get a better understanding of the things [your IT people] are doing to protect your data,” Miller said. “It also may identify some areas that you want follow up on with management.”

Of course, such strategic chitchat won’t do much if it isn’t part of a broader and more regular communications process, Miller suggested. Equally important is maintaining open lines of information exchange with IT leadership.

“They love talking about what they’re doing,” Miller said. “Ask them to share how they protect your data—and then ask for some proof. Say, ‘Hey, can you show me our patching policy?’”

Other requests might be for policies and practices around password refreshing, server updating and the like.

“From a leadership perspective, this [kind of banter] gives you peace of mind,” Miller said. “Ultimately, it really is up to the folks on the front lines of cybersecurity to protect your entire organization. Having them show you what they’re doing is pretty powerful. I highly encourage it.”