Tag Archive for: battle

Guarding Patient Trust: Healthcare’s Battle Against Ransomware Threats

/in


The global healthcare industry has more to worry about than just treating patients. The ever-growing risk of ransomware is a major threat currently facing the entire sector, compromising confidential patient data, and disrupting the crucial services it provides.

“With ransomware accounting for 54% of all cybersecurity threats in the healthcare industry, the chances of a successful breach are higher than ever,” explains Andrew Hollister, Chief Information Security Officer (CISO), LogRhythm. “A recent example of how threat actors are targeting the industry can be seen in the attack on Barts Health NHS Trust. The Trust, which runs five London-based hospitals and serves more than 2.5m patients, was breached by the ALPHV ransomware gang. This resulted in it compromising 70 terabytes of sensitive data, including National Insurance numbers, financial data, and insurance agreements.”

Healthcare security teams are faced with a challenging, but vital role. There is a growing need for comprehensive detection and response solutions within healthcare to overcome the threats posed by ransomware attacks. 

Here, Hollister tells us more. 

 

Healthcare under attack

The healthcare industry is a top target for hackers due to the vast amount of people that rely on its services on a global scale. Threat actors can hold healthcare service providers at ransom for large pay-outs leaving them with little other option than to give in to their demands. 

“The introduction of more connected Internet of Things (IoT) medical devices plays a part in advancing the patient experience, but also broadens the attack surface for cybercriminals. With access to hospital IT systems, threat actors can easily steal a huge range of important personal data from patients and employees alike,” Hollister explains. “Further to this, the challenges caused by the expanding threat landscape are amplified by tight budgetary constraints within the public sector. Funding limitations leave many healthcare institutions in the difficult position of having to juggle their investment priorities between cybersecurity and direct healthcare provisions.”

The level of data that some criminals can access has the…

Source…

In Battle of Ransomware Protectors, One Firm Burns a Lot of Cash, Another Preps an IPO — The Information

/in


Four years ago, one of the most intense battles in enterprise software was underway between two startups led by former colleagues: Rubrik and Cohesity. They help businesses manage data, and they also market themselves as offering protection against ransomware attacks. At the time, Rubrik was clearly in the lead, but Cohesity was growing faster and gaining on it.

Times have changed. By one measure—closeness to going public—Rubrik appears to be well ahead of Cohesity. Rubrik recently hired bankers to help it go public, according to people familiar with the matter. Cohesity still intends to go public, executives told staffers at a town hall meeting earlier this month. But the company’s losses may delay that.

Source…

Cities battle to keep their computer systems safe from cyberattacks

/in


AUGUSTA, Ga. (June 2, 2023) – Hackers continue to make more frequent and sophisticated attempts to infiltrate municipalities and government computer systems. In the past month, Augusta, Georgia, and Dallas, Texas, are among the cities that have seen system breaches. Some of the unauthorized access is simply people clicking on a wrong link while others are premeditated attempts to steal data through the breach.

They aren’t easy to defend, but everyone, including individuals, governments and businesses, need to be vigilant with their protocols and security.

Michael Nowatkowski is the head of the cyber program of study in the School of Computer and Cyber Sciences at Augusta University and knows there are a lot of bad actors out there.

“There’s potential if they are able to get onto your system that it would be something like ransomware, where they would prevent you from using your data,” said Nowatkowski.

He added it might not be just for monetary gain. They could simply eavesdrop and collect data without anyone’s knowledge.

“You want to find them as quickly as possible so they can’t perform these malicious activities or sit in a dormant state just collecting data for a long period of time,” he added.

When it comes to attacks on cities, Nowatkowski said the bad actors may just want to discredit the city or agency by defacing their web pages. Other cases, they may force a ransomware attack to get money out of the city to re-access their data.

He added it’s a challenge to prepare and defend for the attacks, as you never know what the attack vector is going to be.

“For cities to defend, they always have to be vigilant. They should try to encourage their users to use the systems responsibly. User education is a very big step and is a proactive step in defending your networks,” said Nowatkowski.

He also said if an attack did happen, it’s important to look for ways to prevent future attacks, try to figure out the root cause of how the attack happened and put measures into place to prevent them from happening in the future. This may include having a third party come in and do an assessment of the network to look for vulnerabilities.

Source…

Battle of the breach: Prioritizing proactive ransomware defense

/in


Editor’s note: The following is a guest article from Sebastian Goodwin, chief information security officer at Nutanix. 

Over the last decade, ransomware has become the de facto tactic of cybercriminals looking to make a quick buck.

And why not? Average ransomware payments are nearing the $1 million mark, and many criminal groups are now selling their tools and services on specialty ransomware as a service marketplaces.

With nearly every business already permanently connected to the internet, global ransomware damage is expected to reach an annual impact of $265 billion within this decade.

In practical terms, this means that we will soon face a reality where organizations are attacked every two seconds by threat actors that continue to evolve their tools and tactics. 

Doing business in such a world can seem overwhelming, but modern cybersecurity approaches are working to keep up with the growth of ransomware.

As a result, CISOs looking to apply advanced thinking to ransomware defense can integrate new processes and tactics as they formulate their cybersecurity strategies. 

What’s in a name? Ransomware types by description 

Today’s ransomware can come from many specialized groups and threat actors. To make things more complicated, some criminal groups even sell their tools through a ransomware as a service business model, letting anyone with a bank account or cryptocurrency wallet automate ransomware attacks via the dark web. 

Most common types of ransomware fall into six distinct categories: 

  • Crypto ransomware: After breaching individual workstations and systems, this type of ransomware finds and encrypts files, rendering them unusable. Victims are encouraged to pay a ransom or lose access to their data permanently, often by having it completely deleted off their system. 
  • Locker ransomware: While crypto-style ransomware blocks access to individual files, Locker-type ransomware affects whole machines, preventing a user from accessing any files or programs until a ransom is paid. In general, this type of ransomware affects computer systems, though some are specifically made to lock IoT and smart home…

Source…