Roughly one in three computers is infected with some type of malicious software, according to a report published by the Anti-Phishing Working Group. Known as “malware,” this software often steals the user's data or even hijacks the computer so it can be controlled remotely. As a result, doctors, physicians and other covered entities must use caution to ensure their systems are protected against this threat; otherwise, they could face harsh fines for Health Insurance Portability and Accountability Act (HIPAA) noncompliance.
But there's a new type of malware that has security experts worried. Normally, malware loads after the operating system. When you turn on your computer, it reads the Master Boot Record (MBR) and Volume Boot Record to determine which partitions of the hard drive should be read and loaded. A troublesome new malware, known as BOOTRASH, however, seeks to load itself before the computer's operating system loads.
The security experts at FireEye explained that BOOTRASH is capable of executing on either 32-bit or 64-bit Windows PCs. It does this by creating a virtual file system to store a keylogger, file transfer program, screen capture program, and process manipulation program. Once the programs are installed in the VBR, BOOTRASH decodes bootstrap code from its resources, hijacking the startup process. Technical jargon aside, this allows the malware to load before the operating system.
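Because the boot chain described above runs from the MBR's partition table to each partition's VBR, a changed VBR can be spotted by hashing it offline and comparing against a known-good baseline. The sketch below is an added example, not code from FireEye or the original article; it assumes a raw, MBR-partitioned disk image read from a trusted environment, hashes only the first sector of each partition, and uses constructed sample images and hypothetical function names.

```python
import hashlib
import struct

SECTOR = 512

def parse_mbr(mbr: bytes):
    """Return (type, start_lba, sector_count) for each used MBR partition entry."""
    if len(mbr) < SECTOR or mbr[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for i in range(4):  # partition table: 4 entries of 16 bytes at offset 446
        entry = mbr[446 + 16 * i: 446 + 16 * (i + 1)]
        ptype = entry[4]
        start, count = struct.unpack_from("<II", entry, 8)
        if ptype != 0 and count != 0:
            parts.append((ptype, start, count))
    return parts

def vbr_hashes(image: bytes):
    """Map partition start LBA -> SHA-256 of its first sector (the VBR)."""
    out = {}
    for _ptype, start, _count in parse_mbr(image[:SECTOR]):
        vbr = image[start * SECTOR:(start + 1) * SECTOR]
        if len(vbr) != SECTOR:
            raise ValueError(f"image truncated before LBA {start}")
        out[start] = hashlib.sha256(vbr).hexdigest()
    return out

def changed_vbrs(baseline: dict, image: bytes):
    """Return start LBAs whose VBR hash is new or differs from the baseline."""
    current = vbr_hashes(image)
    return sorted(lba for lba, h in current.items() if baseline.get(lba) != h)

def build_sample_image(vbr_code: bytes) -> bytes:
    """Constructed test image: MBR with one NTFS-type (0x07) partition at LBA 8."""
    mbr = bytearray(SECTOR)
    mbr[446:462] = struct.pack("<B3sB3sII", 0x80, b"\0\0\0", 0x07, b"\0\0\0", 8, 16)
    mbr[510:512] = b"\x55\xaa"
    vbr = bytearray(SECTOR)
    vbr[3:11] = b"NTFS    "                     # NTFS OEM ID field
    vbr[0x54:0x54 + len(vbr_code)] = vbr_code   # stand-in for boot code bytes
    vbr[510:512] = b"\x55\xaa"
    return bytes(mbr) + bytes(7 * SECTOR) + bytes(vbr) + bytes(15 * SECTOR)

if __name__ == "__main__":
    clean = build_sample_image(b"\x90" * 16)    # constructed "known good" image
    altered = build_sample_image(b"\xcc" * 16)  # constructed image, boot code changed
    baseline = vbr_hashes(clean)
    print(changed_vbrs(baseline, clean), changed_vbrs(baseline, altered))
```

Hashing from a running, possibly infected system is unreliable because code that loads before the operating system can tamper with what later reads return, which is why the image is assumed to be taken offline.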
"The goal is to maintain persistence on the target systems. The malware is unique because it has a component that loads in the Volume Boot Record, making it hard to detect and remove," said Wayne Crowder, director of threat intelligence at RiskAnalytics.
In the event that one of your PCs has become infected with this malware, the only viable solution is to perform a complete wipe of the hard drive, so back up your data!
So, what can covered entities do to protect their systems against this malware? The HIPAA Security Rule actually provides some helpful tips on how to maintain a secure digital environment. For starters, you should install a virus scanner like AVG or Microsoft Essentials (or both), as this is your first line of defense against malicious programs. Furthermore, you should encrypt all traffic on your network, so even if someone gains access to your system he or she won't be able to read the data. You can also protect against threats such as this by proactively monitoring your network for signs of suspicious activity.