Often, when people think of a malware attack, trojan threat or cyber hack, they assume that the criminals are targeting large financial institutions or retail giants.
The fact is that increasingly, small to medium sized businesses are the targets of these cyber crimes. This is due to the fact that they often have less stringent security, and often the bad actors can sneak in more easily. While this should be a concern for all types of organizations, the healthcare industry should be especially concerned.
Why Health Care Providers are Vulnerable
Any organization which operates in the healthcare sector is dealing with Private Health Information, or PHI, which is protected under the HIPAA Act. There are strict rules – and heavy fines – for those in the industry who do not take proper precautions to secure and protect the healthcare data of their clients, whether it be personal information, payment information, prescriptions or procedures which have been performed.
What is the Trojan Threat?
Many people have heard of malware attacks and virus infections, and have taken steps (such as firewalls and anti-virus software) to make sure that these intrusions do not affect their business. The trojan threat is another category of virus which you should be aware of. Trojan threats get their name from the ancient legends of using a trojan horse to “sneak” behind enemy lines in warfare.
A Trojan virus infects remote computers by altering the individual desktop or deleting important files. It is especially insidious as it appears as a legitimate file or software download from a trusted source. Because it appears to be safe, users are unwittingly tricked into opening or downloading the file, triggering the virus to install itself on the remote system.
Once installed on a user’s computer system, the trojan allows the hacker remote access to the host computer, opening the host computer up to a variety of destructive or undesired activities. Not only can the remote hacker steal payment information, but can re-route shipments, change prescriptions, or discover personal, confidential healthcare information.
In short, trojan viruses can delete, block, modify, copy, or distort your data – all from a remote location.
How to Guard Against a Trojan Threat
Like most malware, trojan virus threats are ever-changing in order to escape detection. It is nearly impossible for an organization to keep up with all of the cyber threats coming at them every day. Therefore, the following steps are highly recommended to protect your healthcare organization:
- Install Anti-Virus Software: It is imperative to have a reputable anti-virus software installed on your network, and that you install any and all updates that they send. These companies are on the front lines of the cyber fight.
- Implement a Firewall: A firewall is a network security system which monitors and controls incoming and outgoing network traffic based on established security rules. A firewall sets up a barrier between your internal network and untrusted external network, most often the Internet.
- Train Your Employees: The nature of the trojan threat is that it looks like it has come from a trusted source. Your employees should be trained to never open anything on their company computer which has not been requested. It is also good practice to call the sender, even if a trusted source, to make sure that the transmission did, in fact, originate with them.
- Keep Your Operating System Updated: All security patches and updates should be installed as soon as they are received from the manufacturer. Cyber criminals can more easily gain access to your system through known weak areas, so these should be fixed as soon as is practicable.
- Ask for Help: The world of cyber crime can be dizzying to keep up with, and as a healthcare professional, this is not your area of expertise. One of the best ways to make sure that your security protocols, anti-virus software and firewalls are up-to-date is to contract with a professional managed services provider who makes it their business to protect you from any and all outside threats.
Alliance IT has the expertise and personnel you need to protect your PHI – and all of your data. Call us today to learn more about how working with our team can give you peace of mind.
