Ransomware: Coming to a Computer Near You

Using our office computer, I logged onto the website of our town’s surgical group.  I got what I thought was a weird dialog about running cookies and I clicked out of it. Suddenly the browser started acting odd and then normalized. In a few minutes, the problem became clear.  Malware was on my machine.

This one was evil.

My peripherals stopped working and then came the inevitable dialog.  My files were corrupted and if I just clicked the “clean” button, all would be well…. After I paid some money.

But, I was ready.  Ransomware has been my perpetual computer fear.In earlier versions of Windows, Malware was more common.  Even after being warned, my staff tended to click on sites which added junkware onto the system.  I grew weary of doing reinstalls.

The process taught me several things:

  • Store all your files in the secured cloud.  No local personal files means there is nothing to corrupt or become compromised.
  • Run your EMR in the secured cloud.  (We use Elation Health.)
  • Run only the most basic of programs on your PC.
  • Back-up, back-up, back-up.  Use two cloud providers and maybe even throw your cloud files onto an external drive.

I also received advice many years ago about office servers:  DON’T USE ONE!!!

The bottom line:

Be prepared to literally throw your laptop/PC into the garbage if it displeases you.

In this case, I did the electronic equivalent.  I used Microsoft’s Windows 10 “Reset this PC” recovery option. It wipes out your harddrive and gives you a fresh version of Windows.   It was a bit tricky because the malware tried to block me.  Dell has an option where you can do this via the BIOS.

Once you do the refresh, you install your printers and the handful of programs necessary to run your computer.  Again, keep it minimal.In 90 minutes, I was back up and running again with a fresh OS and all the necessary drivers.

BOOM! TAKE THAT YOU EVIL RANSOMWARE THIEVES!!!    Yet, I’m still angry.  With simple basic web browsing to reputable sites, a PC running a fully updated and patched Windows 10 with a fully updated Chrome Browser quickly acquired a deadly program.

Hello?  Security?  Really?

We are so doomed!

An interesting article describes the future of RansomWare:  It’s booming because people are paying!

Not me!

Steven Mussey MD

Steven Mussey, M.D. is a physician in Internal Medicine, practicing in the Fredericksburg area for more than twenty years. He grew up in Springfield, Virginia and earned a degree in Physics from The University of Virginia, Phi Beta Kappa. He earned his medical degree at The George Washington University and was inducted into the medical honor society AOA. He is Board Certified in Internal Medicine. He served in the Air Force for four years before entering into private practice. He particularly enjoys geriatric medical care and working with complex patients. For almost a quarter century, he has been practicing with one other Internist. Both doctors enjoy practice in a small, but busy office, and plan on working into their 70s, as long as they can still find their way to the office. Dr. Mussey is also an avid cartoonist and has a weekly cartoon in the local newspaper. He also enjoys cartoon animation and has had several public service cartoons playing regularly on the television cable systems. 

  1 comment for “Ransomware: Coming to a Computer Near You

  1. Beth KZ
    September 16, 2019 at 2:20 pm

    As a patient and retired IT professional, with an interest in security, it has never ceased to amaze me at how nonchalantly the medical industry treats its computerized medical records. Indeed, there are plenty of malware instances, including ransomware. Those can not only keep one out of their own files, but can corrupt them as well as making private information public – contrary to HIPPA. They could due with having and USING anti-malware software, as well as some common security measures.

    One of those is to not leave yourself logged on AND with patient information from the prior patient up on the screen, then leave the next patient in the room. This leaves open a great deal of information to the next patient, which they have no business having. Furthermore, by not closing the prior patient’s information, it is easy to start writing notes from THIS patient into the previous patient’s records, muddling up the whole thing. It can cause headaches for the patient, as well as cause future providers to have wrong information about the patient. It causes distrust for those records all around.

    If the patient with access to the records wants to, they can alter their own or others’ records, or even change the password or possibly put in a back door to allow access to those records to those who should not have them.

    Another time I became the beneficiary of some medical waste. I bought a several-years-out-of-date computer – identical to one I owned that had problems with some of its plugs. I bought it as “non working and no guarantees” from a medical device seller. When I got it, it appeared new, but the disk drive did not work properly. THIS SHOULD HAVE BEEN IMMEDIATELY RETURNED TO THE DISTRIBUTOR OR MANUFACTURER OF THE COMPUTER FOR REPLACEMENT. Instead, it had been put on a shelf, and allowed to depreciate. So, no doubt, this was replaced with a new one, expensed, and the cost passed on to customers (patients).

    Come on, guys! If you cannot or do not wish to manage the IT, hire an IT security professional who can! Meanwhile, pay attention when they tell you about security. You wouldn’t leave all patients’ medical records open to inspection and alteration if they were still paper. Why do that in electronic form?

Comments are closed.