Upticks in the United States and APAC are indicative of hacker desperation amid socio-political and economic unrest.
While we may be more than six months into the COVID-19 situation, cybercriminals are showing no sign of slowing down as they continue to use this crisis for their own gains.
When a patient of a German hospital died due to a misdirected ransomware attack it made international headlines, but similar attacks are continuing.
According to Check Point Software Technologies’ CTO (APAC) Tony Jarvis, two additional hospitals in New York and Oregon have needed to reroute patients after their IT systems were crippled. In October, there was also a 33% increase in ransomware attacks against the healthcare industry in APAC.
The uptick in APAC ransomware attacks was in Singapore (133% increase in attacks against the healthcare industry) and India (20% increase). The hackers are in no way easing up on their efforts to harm the world—not sparing even the frail innocent elderly.
Given the threats that this sector faces, the only solution is to be well prepared against subsequent attacks, said Jarvis. “The threat landscape has changed dramatically over the course of the year, necessitating more sophisticated protections to prevent cases of such incidents from rising further. This is the time to be identifying security gaps and prioritizing solutions that may be needed. When there is so much at stake, working with experts that are able to identify needs and advise best practices moving forward is highly advised.”
Jarvis reminds the defenders in the sector of the two key security mandates:
- Virtual Patching: the recommendation is to patch old versions, and we get that this is sometimes impossible for hospitals. Therefore, we recommend using intrusion prevention systems with the latest packages as virtual patching to the most recent available exploits.
- Anti-Ransomware: although advanced hacking groups are involved in this business, the encryption process is very extensive, and anti-ransomware with a remediation feature is an effective tool to revert back to operation in few minutes if an infection takes place.
As always, training employees to be in cyber-awareness, and ensuring that always-connected devices such as IoT and smart medical equipment are secure and monitored by autonomous AI cyber defence solutions are important measures to work by.