Tag Archive for: impact

The Impact Of Ransomware On South African Businesses In 2023

/in


On top of everything else South African businesses have to worry about, ransomware attacks are becoming more and more of a problem. And an expensive one.

An independent survey commissioned by Sophos reveals that a staggering 78% of South African organisations fell victim to ransomware attacks in the past year, marking a substantial increase from the 51% reported in the previous year’s survey.

This surge surpasses the global average of 66%, highlighting the pressing need for businesses in the region to address the ransomware threat effectively.

Ransomware root causes and attack vectors

Exploited vulnerabilities emerged as the predominant root cause of ransomware attacks in South African organisations, contributing to 49% of incidents. Compromised credentials followed closely, constituting the second most common attack vector, affecting 24% of organisations.

These findings underscore the critical importance of regularly patching vulnerabilities and implementing robust identity and access management practices to mitigate these threats effectively.

A concerning 89% of ransomware attacks in South Africa resulted in data encryption, surpassing the global average of 76%. Furthermore, data theft occurred in 35% of these cases, exceeding the global average of 30%.

However, there is a silver lining: 100% of South African organisations successfully retrieved their encrypted data, slightly outperforming the global average of 97%. This emphasises the importance of maintaining secure and accessible backups.

Ransom payments and recovery

While 45% of South African organisations opted to pay the ransom, this rate showed a slight decline from the previous year’s 49%. Globally, the average ransom payment rate in 2023 stood at 47%. Notably, 24% of South African organisations adopted multiple recovery methods simultaneously, demonstrating the importance of having diversified recovery strategies in place.

One revelation of particular note from the survey was the disclosure of a ransom exceeding $5 million (R97.3 million) paid by one organisation (although it wasn’t named). Excluding ransom payments, the average cost for South African organisations to recover from ransomware attacks…

Source…

Hospitals hit by ransomware attack break down impact on operations, patients

/in


Five Southwestern Ontario hospitals were hit by a ransomware attack on Oct. 23, 2023. (CBC/Erie Shores Healthcare Facebook - image credit)

Five Southwestern Ontario hospitals were hit by a ransomware attack on Oct. 23, 2023. (CBC/Erie Shores Healthcare Facebook – image credit)

For the first time, top leadership from the five hospitals in southwestern Ontario hit by a ransomware attack answered questions from the media — acknowledging the significant impact the incident has had on care, as well as the large amount of data that has been stolen.

During the roughly 50-minute meeting on Friday, each hospital CEO said their facility has been hard hit by the Oct. 23 attack, but that recovery is ongoing and they’re getting by with the hard work of staff. With systems down and hospitals unable to access critical information, thousands of patient appointments have been cancelled across the five hospitals, creating backlogs of varying lengths at some of the facilities.

Some of the institutions also said that they have started reaching out to the thousands of patients and staff whose information has been leaked onto the dark web. The hospitals are providing those impacted with a free credit monitoring service.

The hospital CEOs also stood behind IT provider TransForm, saying that they are “confident” the group is working hard to get systems back online, with a priority on clinical services.

“We apologize for this. And we apologize for the inconvenience this has had and the issues this has caused for the patients in our community,” said Windsor Regional Hospital CEO David Musyj.

“But I can tell you individually and collectively, our focus is on them and our focus is on our staff to regain that trust.”

Here are the latest updates each hospital shared.

Bluewater Health 

Bluewater Health in Sarnia says without access to its systems, “there has been an impact on our families and patient experience.”

CEO Paula Reaume-Zimmer says urgent and emergency cases have been prioritized and as a result, their diagnostic imaging department has had to cancel more than 3,500 appointments, causing a “significant and growing backlog.”

She also says labs in the Sarnia and Petrolia regions are deferring walk-in, non-urgent cases to deal with emergent ones.

She says staff have been notifying patients of changes to their…

Source…

The New FDIC InTREx Security Procedures: The Impact on Banks’ Digital Strategy

/in


The use of technology continues to change in banking, and with it changes in cybersecurity risks. To address these changes, the FDIC updated the Information Technology Risk Examination (InTREx) procedures.

Updates include the requirement for banks to notify the FDIC within 36 hours of any computer security incident. InTREx also evaluates whether banks notify law enforcement and customers in these cases. It also applies to third-party organizations serving banks.

These rules are bound to impact banks’ digital strategy. Here are some questions to ask bank security staff to make sure they’re in compliance with the updates.

In most cases, community banks adding digital tools will use vendors, so it’s important to understand these rules. The InTREx exam procedures can help protect banks and their customers by gaining a deeper understanding of their vendors. It’s paramount in keeping customer trust to know where their data is, what controls protect it, who has access to it, and what happens when a failure occurs.

With this updated guidance, is your bank reviewing existing vendors as part of your vendor review process, especially for critical or high-risk vendors? Make sure they’re updating contact information, getting current due diligence packets, and understanding any new technology partners they’ve engaged with since the last review, as sometimes these would be considered fourth-party vendors.

Even if your bank relies more heavily on vendors, the risk responsibility does not fall entirely on them. Banks bear the responsibility to make sure they fully understand the risks of each relationship. Contractually, there may be language to help the bank financially in case of a vendor breach.

It’s critical to understand the information each vendor has and make sure your bank gets status reports, remains in touch and conducts timely reviews. Don’t focus on responsibility from a financial perspective alone — make sure your bank accounts for reputational risk to the institution, as well.

How Should Banks Better Secure Their Data?
As chief information security officers would advise, all data should be secured consistently and at the highest level based on its defined…

Source…

Ransomware attacks reportedly impact LogicMonitor customers

/in



BleepingComputer reports that network security firm LogicMonitor had a “small number” of its software-as-a-service platform users impacted by cyberattacks, which anonymous sources noted to involve …

Source…