To avoid having to even consider paying a ransom, experts have long urged all organizations to put in place appropriate defenses. Two defensive strategies for healthcare firms are moving backup and recovery to the cloud and practicing incident response scenarios.
The email attack vector. It may not earn much discussion, but the adversaries take full advantage of it with phishing, BEC and now email platform attacks. Mike Britton, CISO of Abnormal Security, talks about the latest threat trends and how to detect and defend against them.
Anything that can write a software code can also write malware. The latest AI technology can do it in seconds. Even worse, it could open the door to rapid innovation for hackers with little or no technical skills or help them overcome language barriers to writing the perfect phishing email.
A ransomware attack knocking out a medical center's imaging and lab equipment is an incident felt by an entire network of healthcare providers. Entities everywhere should plan for outages even when they don't directly experience an attack, say Aftin Ross of the FDA and Penny Chase of MITRE.
Ransomware operations have become expert at finding ways to make a victim pay. But experts say there are multiple steps healthcare sector entities in particular can take to better protect themselves and ensure that they can quickly restore systems and never have to consider paying a ransom.
Defenders have made strides in disrupting ransomware, but assessing the effectiveness of countermeasures is tough due to a scarcity of information, says cybersecurity veteran Jen Ellis. "We know what the tip of the iceberg looks like, but we don't know what percentage of that iceberg we can see."
U.S. federal authorities are warning healthcare providers, vendors and public health sector organizations of attacks involving LockBit 3.0 ransomware, which includes features of other ransomware variants, including BlackMatter, along with the threat of triple-extortion demands.
A ransomware attack on the Irish healthcare system in 2021 has cost the government 80 million euros in damages and counting. The Irish Health Service continues to notify victims of the incident that their personal information was illegally accessed and copied.
Chicago-based hospital chain CommonSpirit reported to federal regulators that its October ransomware incident affected the protected health information of nearly 624,000 individuals. Among the information compromised were names, addresses, phone numbers and birthdates.
Attackers wielding Royal ransomware have been hitting crypto-locking healthcare targets, the U.S. Department of Health and Human Services warns, saying that in each known case, attackers "claimed to have published 100% of the data that was allegedly extracted from the victim."
Hosted services company Rackspace is warning customers about the increasing risk of phishing attacks following a ransomware attack causing ongoing outages to its hosted Exchange environment. The Texas-based firm also is now facing a class action lawsuit.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity and privacy issues, including the evolution of the CISO role, the community impact of ransomware attacks targeting hospitals, and trends in cybersecurity customers' buying behavior.
Ransomware gangs rely on shotgun-style attacks using phishing or stolen remote access credentials to target individuals. This strategy snares less poorly prepared organizations, and that often means healthcare entities. Experts share insights on this plague on healthcare and what to do about it.
The Hive ransomware-as-a-service group says it posted customer data obtained during a November attack against French sports retailer Intersport. The U.S. federal government estimates the group has attacked more than 1,300 companies worldwide, collecting about $100 million in ransom payments.
Especially for healthcare organizations, repelling ransomware attacks hinges on having robust monitoring and defenses in place to spot the signs of an unfolding attack and shut it down before crypto-locking malware gets unleashed, says Peter Mackenzie, director of incident response at Sophos.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.