CISO Insights – August 2024

On July 18, a faulty software update from CrowdStrike caused disruptions that impacted both small and large-scale businesses worldwide. This single event led to service interruptions across a broad spectrum — flights were canceled, patients were diverted, electronic payments didn’t work, and gas station pumps weren’t functioning. It impacted travel, banking, health care and more than likely, you in some way.

While Houston Methodist wasn’t directly impacted, some of the third-party systems we use were. The CrowdStrike outage is precisely what would happen to our core business systems in a ransomware attack and should serve as a valuable reminder of the critical role cybersecurity plays in keeping our systems and data safe — both at work and at home.

Thankfully, HM has various technologies in place to safeguard our systems against cyberattacks, and we’re constantly working to enhance them. While all the protective measures we have in place may not be visible to you, and there are some you may think are a hassle, it’s imperative that you never bypass them. Just one misstep, such as sharing your password, connecting to HM systems from a non-HM device or installing unapproved software, could have a significant impact on HM. Remember — you’re our primary defense in keeping our patient and business data secure, so stay vigilant!

Tips to Stay Secure at Home

You’ll also want to ensure that your personal data and systems are protected at home. Your financial information, personal files and cherished photos could be gone instantly if your systems aren’t adequately protected. Hackers can even break into your bank or investment accounts and empty them, so it’s important that you safeguard your personal information by following these simple steps:

  • Use an up-to-date, secure, advanced antivirus program or fully activate Microsoft Windows Defender. Try not to use free programs, such as Kaspersky, which are riskier.

  • Keep your device’s auto-update feature activated, so your system stays secure. Cybercriminals often take advantage of security loopholes shortly after those loopholes are made public. If your auto-update feature is enabled, it will promptly secure your system.

  • Strong passwords are imperative, and it’s critical to never use the same one repeatedly. Consider using a personal password manager (e.g., Dashlane, 1Password, Bitwarden, etc.) to easily store and fill in your passwords, so you don’t reuse them. Remember to activate multifactor authentication (MFA) across all systems, whenever possible. Never share your password with anyone, even if they claim to be “support staff.”

  • Always change default passwords when setting up any device, especially for essentials, like home Wi-Fi and routers.

  • Be cautious about sharing personal information. Remember to be mindful of what you share on social media and other online platforms. Never enter personal information or PHI into publicly available generative AI tools, like ChatGPT.

  • Remember to back up your data! You can store your backups on a secure online backup platform or on a locally installed removable disk. Don’t keep the local disk connected, as ransomware can encrypt the backup.

Just like the initiatives we take to safeguard our patients, employees, systems and data at Houston Methodist, you should take initiative in protecting your data and systems at home. Cybersecurity makes a difference, and it will take all of us working together to be successful.

Stay safe and secure!

© 2024. Houston Methodist, Houston, TX. All rights reserved.