Friday, June 10, 2022

Ransomware Webinar - Lessons Learned from Bitter Experience

* Guest Post by Jennifer Barlow, Clinical Librarian for Ascension Borgess Health Care in Kalamazoo, MI, and past president of The Michigan Health Sciences Library Association (MHSLA).

Last December, the Network of the National Library of Medicine (NNLM) presented a webinar on Ransomware Attacks: What Librarians Need to Know. Two librarians related their experiences with ransomware attacks. Though they were both cautionary tales, they had very different outcomes, and each provided useful takeaways. The webinar is now available on YouTube.

Hancock Health in Indiana was attacked in 2018. They chose to pay a $50,000 ransom and were back up fairly quickly. However, complying with criminals may encourage them in further attacks. 

University of Vermont Medical Center suffered an attack in 2020. They decided NOT to pay. Systems were down for weeks, and the recovery process took nearly 3 months. Hundreds of employees were furloughed during that time. The cost to recover was between $40 and $50 million. All PCs and servers had to be wiped and rebuilt.

It’s a tough choice deciding whether or not to pay. And there’s no guarantee that even if you fork over the ransom, the hackers will keep their word and restore your data. 

Lessons learned included: 

❖ When an attack is underway, immediately disconnect computers from the network, but don’t turn them off; you may not be able to turn them back on.

❖ Essential information, including contact information, should be duplicated off network. 

❖ Make sure people know how to use back-up processes. 

❖ Collect alternative contact information for key personnel, in case hospital system email / phone is inaccessible. 

❖ Make a communication plan. 

❖ Special lessons for libraries: Encourage users to set up personal accounts with our databases. Maintain core textbooks in print. Rely on interlibrary loan partners in a crisis. 

The main takeaways: Be vigilant, be prepared, and practice. 

Check with your organization to see what instructions your own IT people recommend in the event you are hacked.


* Special thanks to Jennifer Barlow for allowing us to repost this article from her Ascension Borgess Library Line Newsletter. Used by permission.
