Texas physicians should look out for a security weakness in Microsoft Windows 10, Server 2016, and Server 2019, the Department of Homeland Security (DHS) said this week.
The weakness could allow hackers to introduce malicious software to decrypt, modify, or inject data onto your servers without being detected, DHS said in an emergency directive.
Microsoft last week released a software patch that will help mitigate those vulnerabilities, DHS said.
“Though the Cybersecurity and Infrastructure Security Agency is unaware of active exploitation of these vulnerabilities, once a patch has been publicly released, the underlying vulnerabilities can be reverse-engineered to create an exploit,” the directive said. “Aside from removing affected endpoints from the network, applying this patch is the only known technical mitigation to these vulnerabilities.”
How can physician practices protect their networks?
- Talk to your IT consultant as soon as possible;
- Determine if your practice uses remote desktop connections;
- Determine if all devices in your practice are operating behind a firewall;
- Determine if all devices are set to automatically run Microsoft patches or updates – if not, discuss configuring them to do so; and
- Confirm that the January 2020 Microsoft update has been installed.
As always, the Texas Medical Association has plenty of tools and information on its Ransomware and Cyber Security Resource Center to keep you and your practice safe from cyber-attacks.
In addition, Texas Medical Liability Trust (TMLT) offers cyber-consulting services – including risk assessments, physician and staff HIPAA training, and CME programs – to keep your practice safe. TMLT includes cyber liability coverage in its policies and is the only medical professional liability insurance provider exclusively endorsed by TMA.
Last Updated On
January 17, 2020