Mobile malware attacks are on the rise? Are you welcoming them on your secure network?
The number of malware attacks in 2017 has increased to over 42 million (a report from Kaspersky lab earlier this month). The number of attacks increased by nearly 20% last year compared to 2016 and cybersecurity experts predict phones to be a key security threat to hospital networks today in 2018.
Just to give you some idea of how risky mobile devices can be on your secure network, here are some of the latest numbers:
544,107 ransomware Trojans were detected—last year, more than a half million ransomware Trojans were discovered on mobile devices. That is more than 17 times the amount just two years before. These Trojans hit Android phones particularly hard throughout the United States.
Older phones are carrying vulnerabilities around—thinking twice about applying updates to your phone? Concerned that by upgrading your phone’s operating system, you’ll be slowing down its performance? Likely many users that are coming into your hospital (nearly half of people carrying around Android phones) have phones that aren’t updated.
By allowing these devices on your network, you open the door to getting ransomware viruses spread across your hospital. That means your outdated mobile phone could shut down the entire hospital if you aren’t careful. Many healthcare security experts recommend a 3rd party ransomware assessment to make sure you are adequately protecting your hospital’s network.
Mobile app stores are still harboring suspicious applications—over 100 apps in Google Play were recently found to be harboring malware. Many of these applications were found to be downloaded over 50,000 times. If someone on your team downloads something onto their phone, they may be bringing in all sorts of trouble if they connect on your secure network.
WAP Trojans are on the rise—the WAP malware family uses a command and control (C&C) server and have targeted a variety of apps and prompts users with pop up screens. One recent variant—Sypeng—was able to grant itself permissions from your phone, such as sending and receiving texts, making calls, reading contact information and adding itself to admin privileges.
If your users are working on their phones—with PHI (even patient names)—they are risking your hospital’s data security and may risk your patient safety. Consider ensuring that users are following best practices on their phone. More details on phone hygiene are in my latest book, PLAGUED: The CEO’s Ultimate Guide To HIPAA And Cybersecurity.
Ransomware is becoming more virulent and harder to confront—with all of the latest ransom attacks on hospitals, I cannot overemphasize the importance of keeping your network secure and patient data safe. The latest variants of ransomware are not only encrypting your files, they’re leaking those files online. Since criminals have nothing to lose when you don’t ante up and pay their ransom, they’ve decided some harsher penalties, including publishing sensitive records on the internet.
One of the easiest ways to avoid becoming the next victim to ransomware is identifying the tactical and strategic steps to prevent ransomware in the first place.
Are you concerned that your network is vulnerable to ransomware? Are you certain your users or visitors aren’t bringing malware and viruses onto your network that might lead to a hospital-wide ransom attack?
Contact Us TODAY for a free 37-point ransomware vulnerability assessment!