At least one healthcare organization has already fallen victim to Venus, HC3 reported in a Nov. 9 analyst note. The cybercriminals behind Venus encrypt Windows devices through publicly exposed remote desktop services. “It is vital to put these services behind a firewall,” the note reads.
HC3 also recommends implementing a recovery plan with multiple copies of data and servers in a physically separate, secure location; maintaining offline backups of data; and installing updated antivirus software and updates and patches for operating systems, software and firmware.