The recent wave of ransomware attacks has highlighted serious security vulnerabilities in many healthcare IT systemsvulnerabilities that are also prevalent in other industry segments. This growing trend of attacking healthcare targets isnt surprising, given the high value and sensitivity of patient information. The healthcare industry is an early adopter of Internet of Things (IoT) technologies used in virtually every piece of electronic medical equipment today. Moreover, healthcare practitioners are power users of mobile devices such as tablets and smartphones, which further expand the attack surface. The medical industry is also accelerating its testing and acceptance of remote diagnostics, monitoring and telemedicine applicationsall of which include networked mobile or IoT devices that must be secured.

While the focus of this solution brief addresses recent attacks using the Locky strain of ransomware, the same security principles, processes and solution components apply to effectively mitigate risks posed by other types of malware.