In May 2019, the City of Baltimore’s computer systems were taken down by EternalBlue, a ransomware attack. Unfortunately, this was their second attack within 14 months. Forced to choose whether to pay $76,000 to decrypt its data or suffer the time, money, and resources to recover and restore its systems, the city chose the latter. Because the city did not have a proper file backup system in place, the attack crippled voice mail, email, and parking fines systems. It also halted payment of water bills and property taxes and delayed at least 1,500 home sales (NYTimes, May 22, 2019). The cost of systems remediation had mounted to about $6 million by August 2019. If something like this happened within your medical practice, you could imagine the hardship this could cause, especially if patient information was compromised.
Cyberattacks come often, so ensuring your practice is in the best position to defend itself or recover should always be a priority. Update often and create a routine backup schedule of important data so if ransomware strikes you can pivot to your backed-up data and continue business with little downtime. Always ensure your systems and devices have security updates to mitigate the potential of being compromised. Regardless of the cost of adopting controls, the benefit will always outweigh the cost of a breach.