| |SEPTEMBER 20229set-up emergency COVID-19 facilities very quickly, with little time to plan-out robust IT security infrastructures to protect these facilities. On top of that, the practically overnight shift to telehealth and remote working meant scores of new security gaps were opened and discovered by attackers just as quickly.This trend has moved in tandem alongside another dis-turbing one: a growing sophistication among ransomware groups. Instead of large-scale, brute force attacks, ransom-ware attackers have rapidly shifted to more focused, strate-gically planned and executed strikes, resulting in more pre-cise attacks that are harder to detect and defend against. This is no assembly line, mass-produced product; this stuff is the craft beer of malware. And it's the reason why resurgent ran-somware gangs which have been credited with one-third of all ransomware attacks occurring in the past year have had such devastating success by targeting healthcare providers. So how do they respond? Here are four key steps every healthcare provider needs to undertake to get ahead of their growing ransomware problem -Identify Your Weak Points: Ransomware attackers move alarmingly quick. If a target opens a phishing email attachment, it only takes a little over three hours for the cybercriminals to begin performing recon across the target's network, and within a day, they'd have accessed a domain controller and begun deployment of their ransomware package. So, knowing where your vulnerabilities are, is critical. Servers with Remote Desktop Protocol (RDP) enabled, unpatched web servers, and a lack of multifactor authentication for logins are all common and key weak points that attackers will exploit. IT Hygiene, Companywide Awareness & Education: The obvious next step once you've identified your weak points is to patch them. Don't have two-factor authentication? Implement it. Security definitions out of date? Update them. RDP servers are enabled? Shut them down or put them behind a VPN. This is as much an awareness issue as an IT one. Anyone in the organization who sends an email, has a password, or uses a device to log onto a network needs to know and practice basic IT hygiene, including creating stronger passwords and knowing how to spot spear-phishing emails. If they don't know what that means, they need to be taught. The security of a hospital's network is only as strong as its weakest password.Implement EDR with Human-Led Threat Hunting: Endpoint detection and response (EDR) shores-up security defenses for every device linked to a network, while also providing crucial information on potential threats to response teams who track down and neutralize these issues. This goes hand-in-hand with the human touch of a threat hunting team, whose expertise at recognizing red flags and attack patterns, and parsing the context of impending threats empowers organizations to proactively go after the problem ejecting ransomware packages from networks and neutralizing threats at their root cause rather than sitting in a reactive position.Deploy Lightning-Fast Incident Response: Ransomware moves fast, so healthcare providers need to be able to move faster. Sophos Rapid Response does exactly that. A first-of-its-kind offering that accelerates hospitals' and health systems' ability to identify, neutralize, and expel cybercriminals from their networks. The speed of your response is critical; it's the difference between an executed or thwarted ransomware deployment and potentially, life or death for patients. Sophos Rapid Response provides the lightning-fast edge that healthcare providers need to stay a step ahead of ransomware gangs, minimizing the damage done to their networks, recouping otherwise lost costs, reducing recovery time, and ultimately helping to preserve the speed and quality of patient care even potentially saving lives.With ransomware, the clock is always ticking and every second counts. It's not an unbeatable threat, but being able to tackle the ransomware problem means hospitals and health systems can't waste any time on deploying a combination of robust security defenses and proactive, rapid response measures. The practically overnight shift to telehealth and remote working meant scores of new security gaps were opened and discovered by attackers just as quickly
<
Page 8 |
Page 10 >