By Jeff Wardon, Jr., Assistant Editor

Cybersecurity incidents continue to rise as the number of possible attack vectors increases. A press release from ECRI highlights one attack vector of particular interest to healthcare facilities managers: remote access systems. 

Ransomware groups are increasingly targeting vulnerable remote access systems in healthcare, causing significant disruptions, according to a press release from ECRI. These attacks can disable essential technologies and patient data access, hampering a hospital's ability to provide care. Remote access is commonly granted to employees, physicians, vendors and support personnel, creating potential entry points for hackers. 

"The consequences of these attacks can be devastating: vital medical records held hostage, treatment plans in disarray and potentially deadly delays in care," says Marcus Schabacker, president and CEO of ECRI. "Each unchecked vulnerability is a threat to patient safety." 

Related: What Role Does Facilities Management Play in Healthcare Cybersecurity?

ECRI recommends the following precautions to address ransomware attacks on remote access systems: 

• Make sure that Internet-facing systems, such as remote access systems, are set up securely and updated regularly. 
• Consider blocking network traffic to internet-facing systems from potential hostile foreign parties that the organization does not do business with. 
• Regularly audit logs and traffic from remote access systems. 
• Pay attention to other possible attack vectors, such as phishing and password cracking. 
• Develop response procedures for ransomware situations and recovery. 
• Keep a backup and recovery methods for all IT systems. 
• Talk with legal counsel if a data breach or a ransom demand happens. Considering the payment of ransom will only drive future attacks. 

Jeff Wardon, Jr. is the assistant editor for the facilities market.