5 Questions about Dual Ransomware Attacks

/in


When the FBI issues a warning about a new cyberattack trend, it’s not just hype. Healthcare IT teams should pay attention and adjust tactics if appropriate. Last year, the federal law enforcement agency warned of bad actors using multiple attacks to target the same victims. Here’s what healthcare organizations need to know.

1. What Is Dual Ransomware?

Dual ransomware is the cybercriminal version of “attack in depth.” Rather than depend on a single ransomware toolkit, criminals are deploying multiple ransomware packages at the same time or within a day or two once they’ve gained a foothold in a network. The FBI also warns that cybercriminals are leaving behind dormant data wipers as yet another way to pressure victims into responding to payment demands.

Click the banner below to learn how to get the most out of your zero-trust initiative.

 

2. Why This Attack Method?

Malicious actors are finding it more difficult to break into enterprise networks. As IT managers and vendors get better at blocking attacks, cybercriminals must leverage a smaller number of successful break-ins to ensure that they can hold an organization for ransom. Breaking in is the hard part; the ransomware piece is now a commodity available from more than a half-dozen dark-web vendors. It’s therefore worth it to criminals to make sure that, once they’re in, they can take control, maintain it and maximize their chances of a high payoff. Combining multiple tools with both data encryption and exfiltration techniques, dual ransomware attacks are twice as hard to defeat.

READ MORE: What is a rapid maturity assessment and why is it useful in zero trust?

3. Why Is This a Big Deal for Healthcare IT?

Healthcare is one of the most vulnerable industries when it comes to ransomware. Either an encryption attack that locks up important patient data or an exfiltration attack that risks exposing patient health information can cause a lot of damage. Having both occur at the same time is a gut punch when a cybercriminal comes calling.

4. What Defense Tactics Should Be Used?

When healthcare IT teams respond to an attack, they must remember that multiple tools are likely being deployed: Once…

Source…