By Aris Medical Solutions
Karsten Hahn who is a GData malware analyst discovered this ransomware called DynA-Crypt. Larry Abrams at Bleepingcomputer alerted the world about this new type of ransomware. Thanks to them, we know about this and must be diligent in protecting our information.
This new strain is even more dangerous and destructive than the others. This malware not only encrypts your data, but also takes screenshots of your active desktop, login commands that you type, and even records system sounds from your computer. It will even steal information from Skype and Chrome. While this vicious attack is encrypting your computer, stealing your information, it is also deleting your files.
This would be considered a major HIPAA data breach and not only will you lose everything, you will have to report this to your State and Federal authorities under the Breach Notification Laws.
Make sure your anti-virus and anti-malware is up to date and verify it is an enterprise version. Although this is not specifically stated under HIPAA, it is considered reasonable and appropriate. If you never have this happen to you, the HIPAA Police is not going to penalize you. However, if this does affect your practice or organization and you do not have reasonable and appropriate safeguards in place, you will be fined and penalized.
Everyone in your organization should be made aware of this new attack and remind them NOT open any file attachments OR click on any links in ANY email unless you are absolutely sure it is safe. Best practices is to open your browser and go directly to the company’s website to check on anything you receive in an email. Also be VERY careful trusting emails from friends. If YOUR email is hacked, they will spoof a name in your contact list and send an email back to YOU. They hope that since you know this person you will open the email. If you receive an email that asks you to click on a link or open a file, look carefully at the FULL email address, more than likely is NOT your friends email. Keep in mind, it still could come from their actual email address. Always call or text them and ask if they sent this to you.
For more information on how Aris Medical Solutions can help your organization with HIPAA Compliance and Protecting Patient Data call 877.659.2467 or click here to contact us.
“Protecting Organizations through Partnership, Education, and Support”