The Hidden Entry Points
Ghost ransomware doesn’t use new exploits. It hunts what hospitals forgot: exposed Remote Desktop Protocol (RDP), unsupported Windows systems, and flat (non-segmented) Virtual Local Area Networks (VLANs). In state audits across the U.S., open RDP ports show up again and again with no controls in place.
According to the Cybersecurity & Infrastructure Security Agency (CISA), attackers actively scan and breach through these forgotten paths. If your last audit was more than 90 days ago, Ghost may already be inside.
The Cost of Inaction
Ghost ransomware doesn’t break in—it walks through forgotten doors. Once inside, it halts care, triggers fines, and drags your name into the headlines.
What follows isn’t just encrypted data—it’s stalled clinics, legal fallout, and long-term erosion of trust.
- $2.57M Average Loss – Recovery, downtime, and legal costs now average $2.57 million per healthcare breach—before ransom.
- Up to $1.5M in Fines – HIPAA violations tied to unpatched systems can trigger penalties up to $1.5 million per category.
- Clinic-Wide Shutdowns – One Ghost attack locked 320,000 patient records and shut down 10 clinics in Utah.
- Mandatory Public Exposure – PHI breaches are posted on the HHS portal, sparking media coverage and reputational fallout.
How Long Have Your RDP Ports Been Exposed?
Ghost ransomware doesn’t exploit new vulnerabilities. It reuses the same ones.
Legacy systems. Open ports. Flat networks.
That’s not theory. It’s the playbook.
How to Block Ghost Before It Spreads
Ghost exploits what’s already in place—not what’s newly exposed. Blocking it doesn’t require a rip-and-replace. It requires visibility, discipline, and execution. Here’s where to start.
Identify and Prioritize Legacy Systems
Ghost starts where no one’s looking. Run a full asset discovery sweep for endpoints still running Windows XP, Windows 7, or Server 2012, especially in diagnostics, lab middleware, and authentication paths.
Execution Tip: Don’t treat infrastructure as uniform. Map legacy endpoints by department. Ghost leverages what’s already off your radar.
Disable or Secure Remote Access Ports
RDP and SMB ports remain exposed in healthcare environments—most often through drift. Shut down ports 3389 (RDP) and 445 (SMB) wherever possible. If access is required, enforce MFA, IP allowlists, and session expiration.
Execution Tip: Exposure isn’t always intentional. Audit firewall rules regularly to catch drift before attackers do.
Monitor Regulated Devices Without Breaking Compliance
You can’t deploy full endpoint detection and response (EDR) tooling to FDA-regulated equipment, but you still need visibility. Lightweight behavioral agents in passive mode detect anomalous activity without disrupting certification.
Execution Tip: You’re not aiming for endpoint control, just the ability to spot lateral movement before it crosses into critical systems.
Segment Clinical from Administrative Networks
This threat doesn’t rely on phishing; it finds what IT missed. Split your VLANs between clinical and non-clinical systems, and restrict internal traffic between EHR, HR, lab, and radiology segments using ACLs and zoning.
Execution Tip: Segmentation isn’t a hardware lift. It’s a configuration discipline. The right rules prevent malware from moving beyond its first foothold.
Run a Real Restore Drill—Quarterly
If you haven’t tested recovery under pressure, assume it will fail. Run full restore simulations for scheduling, diagnostics, and electronic health records (EHR). Recovery should be complete in under four hours.
Execution Tip: Backups that can’t restore fast aren’t backups. They’re liabilities.
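The first two steps above (find unsupported Windows hosts, find RDP/SMB reachable beyond their own VLAN, rank by department) can be turned into a repeatable triage pass. The script below is an added example, not code from the original article or from any vendor; the inventory record format, the sample hosts, and the "reachable_from" field (what an asset-discovery sweep or firewall review concluded about who can reach the listener) are all assumed and constructed.

```python
"""Triage a constructed asset inventory for the gaps Ghost-style ransomware
targets: unsupported Windows builds and RDP/SMB listeners reachable from
outside the host's own VLAN. Output is ranked so the worst items come first."""
from dataclasses import dataclass

# Windows versions the article names as unsupported; prefix match is an assumption.
UNSUPPORTED_OS = ("Windows XP", "Windows 7", "Windows Server 2012")
REMOTE_ACCESS_PORTS = {3389: "RDP", 445: "SMB"}
SEVERITY_ORDER = {"critical": 0, "high": 1}

@dataclass
class Finding:
    host: str
    department: str
    severity: str  # "critical" when a legacy host also exposes RDP/SMB
    reason: str

# Constructed sample inventory (hypothetical hostnames and departments).
SAMPLE_INVENTORY = [
    {"host": "lab-mw-01", "department": "Lab", "os": "Windows 7 Professional",
     "listening_ports": [445, 3389], "reachable_from": "internet"},
    {"host": "rad-ws-04", "department": "Radiology", "os": "Windows Server 2012 R2",
     "listening_ports": [445], "reachable_from": "any_vlan"},
    {"host": "hr-ws-12", "department": "HR", "os": "Windows 11 Enterprise",
     "listening_ports": [3389], "reachable_from": "own_vlan"},
    {"host": "ehr-app-02", "department": "Clinical", "os": "Windows Server 2022",
     "listening_ports": [443], "reachable_from": "any_vlan"},
]

def triage(inventory):
    """Return findings sorted by severity, then department, then host."""
    findings = []
    for h in inventory:
        legacy = h["os"].startswith(UNSUPPORTED_OS)
        if legacy:
            findings.append(Finding(h["host"], h["department"], "high",
                                    f"unsupported OS {h['os']}"))
        for port in h["listening_ports"]:
            name = REMOTE_ACCESS_PORTS.get(port)
            # RDP/SMB confined to the host's own VLAN is segmentation working; skip it.
            if name and h["reachable_from"] != "own_vlan":
                sev = "critical" if legacy else "high"
                findings.append(Finding(h["host"], h["department"], sev,
                                        f"{name} ({port}) reachable from {h['reachable_from']}"))
    findings.sort(key=lambda f: (SEVERITY_ORDER[f.severity], f.department, f.host))
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY):
        print(f"{f.severity:8} {f.department:10} {f.host:12} {f.reason}")
```

Feed it the output of your real discovery sweep by mapping each host to the same record shape; the "critical" rows are the legacy endpoints with open remote-access paths that the article says to close first.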
See What Ghost Already Knows.
Ghost doesn’t rely on phishing. It finds the forgotten. If you haven’t tracked your vulnerabilities, Ghost already has.
What Ghost Really Exposes
This isn’t just ransomware—it’s a mirror. What gets hit are the systems no one’s touched, the ports no one closed, the networks that were never segmented because other fires felt bigger. Attackers don’t need zero-days. They need time—and they get it when no one’s looking. Ghost moves through the gaps IT meant to fix later.
You don’t need a rip-and-replace. You need eyes on what you’ve overlooked. Get a free IT risk assessment.