Cyber Security is critical in the healthcare sector. Almost half of all data breaches in hospitals and the wider healthcare sector are due to ransomware attacks, according to new research. Ransomware gangs are increasingly adding an extra layer of extortion to attacks by not only encrypting networks and demanding hundreds of thousands or even millions of dollars in Bitcoin to restore them but also stealing sensitive information and threatening to publish it if the ransom isn’t paid.
Double Extortion in Cyber Security
This double extortion technique is intended as extra leverage to force victims of ransomware attacks to give in and pay the ransom rather than taking the time to restore the network themselves. For healthcare, the prospect of data being leaked on the internet is particularly disturbing as it can involve sensitive private medical data alongside other forms of identifiable personal information of patients.
SEE Cybersecurity: Let’s get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)
Some organizations will, therefore, opt to pay the ransom to prevent this from happening while others will not give in to extortion demands. As a result, ransomware is now responsible for 46% of healthcare data breaches, according to an analysis by cybersecurity researchers at Tenable. More than 35% of all breaches are linked to ransomware attacks, resulting in an often-tremendous financial cost.
One of the key methods for ransomware gangs gaining access to hospital networks is via a pair of VPN vulnerabilities found in the Citrix ADC controller, affecting Gateway hosts (CVE-2019-19781) and Pulse Connect Secure (CVE-2019-11510).
Both vulnerabilities had received security patches to stop hackers from exploiting them by the beginning of 2020, but despite this, large numbers of organizations have yet to apply the update.
That is allowed ransomware groups – and even nation-state-linked hacking operations – to exploit unpatched vulnerabilities to gain a foothold on networks and they will continue to do so if networks have not received the required security patches.
“As the attack surface expands, vulnerability management has a central role to play in modern cybersecurity strategies. Unpatched vulnerabilities leave sensitive data and critical business systems exposed, and represent lucrative opportunities for ransomware actors,” said Renaud Deraison, co-founder and chief technology officer at Tenable.
SEE: Cybersecurity: This ‘costly and destructive’ malware is the biggest threat to your network
The key way to protect networks falling victim to ransomware and other cyberattacks is to apply patches when they’re released, particularly those designed to fix critical vulnerabilities. And if there’s applications that your organization uses that no longer receives security updates, researchers recommend replacing this software with an alternative that is still supported.
“If the software solutions used by your organization are no longer receiving security updates, upgrading to one with an active support contract is vital,” the report says.
“It is imperative that organizations identify assets within their environments that are vulnerable to months- and years-old flaws and apply relevant patches immediately,” it said.
MORE ON CYBERSECURITY
• These software bugs are years old. But businesses still are not patching them
• How ransomware attackers are doubling their extortion tactics TechRepublic
• Ransomware vs WFH: How remote working is making cyberattacks easier to pull off
• Ransomware attacks on hospitals could soon surge, FBI warns CNET.
• Ransomware: Attacks could be about to get even more dangerous and disruptive
MORE ON PRIVACY
• Microsoft to apply California’s privacy law for all US users
• Mind-reading technology: The security and privacy threats ahead
• How to replace each Google service with a more privacy-friendly alternative
• Cybersecurity 101: Protect your privacy from hackers, spies, and the government
This is excerpted from ZDNet firstname.lastname@example.org and WWW.acginfo.biz
With over 30 years of telecom and IT experience we have several vendors that can help with solutions to cybersecurity call Applied Consulting group @ 888.208.0020