The FBI, DHS, and HHS have issued a joint warning about an imminent threat to hospitals and healthcare providers. They represent that they have credible information to suggest there will be a widespread Ryuk ransomware attack this weekend-October 30th-November 1st.
If the alert is well-founded, and there is no reason to suspect it isn’t, most of the targeted networks have likely already been infected. Without a robust endpoint monitoring tool, this specific malware is generally successful in infiltrating networks for days or weeks prior to the execution of an encryption attack.
Attackers use Trickbot malware and Ryuk ransomware to keep the systems locked up while they steal data and disrupt health care services until a ransom is paid to release control.
In the advisory, the FBI and the other agencies offered advice for healthcare facilities to guard against ransomware:
-Regularly back up data, air gap, and password-protect backup copies offline.
-Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, secure location.
-Focus on awareness and training. Because end users are targeted, make employees and stakeholders aware of the threat, such as ransomware and phishing scam, and how they are delivered. Additionally, provide users with training on information security principles and techniques as well as overall emerging cybersecurity risks and vulnerabilities.
-Ensure that employees know whom to contact when they see suspicious activity or when they believe they have been a victim of a cyberattack. This will ensure the established mitigation strategy can be rapidly deployed.
We certainly hope that all these preparations prove unnecessary, but they’re worthwhile regardless today and in the future. If you need any assistance with implementing any of these suggestions or technologies, we are here to help. Contact us at 810-629-0131 or visit: https://www.tdaniels.com/
