Nearly half of data breaches in hospitals and the wider healthcare sector are due to ransomware attacks, according to a new study.
Ransomware gangs are adding an extra layer of extortion to their attacks. In addition to encrypting networks and demanding millions of dollars in bitcoin for recovery, hackers also steal sensitive information and threaten to publish it if they are not paid the ransom they demand.
This double extortion technique is intended as extra leverage to force victims of ransomware attacks to pay the ransom instead of taking the time to restore the network themselves. For healthcare, the prospect of data being leaked on the Internet is particularly troubling, as it may involve sensitive private medical data along with other forms of identifiable information on staff and patients.
Some organizations will therefore choose to pay the ransom to prevent this from happening.
As a result, ransomware attacks are now responsible for 46% of data breaches in healthcare, according to analysis by cybersecurity researchers at Tenable. Over 35% of all breaches are associated with ransomware attacks, often resulting in huge financial cost.
One of the key methods ransomware gangs use to gain access to hospital networks is through two VPN vulnerabilities: one in the Citrix ADC controller, affecting Gateway hosts (CVE-2019-19781), and one in Pulse Connect Secure (CVE-2019-11510).
Both of these vulnerabilities had received the necessary patches in early 2020, but despite this, a large number of organizations have not yet applied the updates.
Exploiting these vulnerabilities has allowed ransomware groups to gain a foothold in networks, and they will continue to do so until the networks have received the required security updates.
The key to protecting networks from ransomware attacks is to apply available patches, especially those designed to resolve critical vulnerabilities. And if there are applications in your organization that no longer receive security updates, researchers recommend replacing that software with an alternative that is still supported.
Source of information: zdnet.com