Rest assured, adversaries are continuously refining how they penetrate your organizations, how they move within your network and what data they steal, ransom, or use to their advantage.
But one thing seems to be a constant: many healthcare organizations (especially in rural areas) are sticking to old, outdated security protocols, which leave them increasingly susceptible to attacks and breaches. Security analysts have been stuck giving relatively static recommendations to many in rural healthcare, mainly because critical bases are still not being covered.
“The same issues and security gaps are putting rural healthcare at more risk today than yesterday.”
Experts have scoured recent security incidents (totaling well over a thousand) over the past year and have found one common thread across attacks. Organizations are falling behind on basic security.
Experts, and our own data, point to three big areas: increases in ransomware, a convergence of the techniques used to penetrate networks, and an increase in email-related incidents.
Ransomware is shifting targets.
Essentially, it is moving from a spray-and-pray approach (try to get anyone who will click) to targeted attacks that key in on important individuals on your network who probably already have higher privileges or access. Think your IT director, your CFO, administrator, CNO and other positions that require greater data access.
In effect, criminals are bombarding these ‘important’ roles with attacks in an effort to sneakily get a free pass onto your network. You see, these criminals have seen little done to protect VIP accounts in rural healthcare and have determined that targeting specific people has a much larger payoff on their invested effort.
Maybe you remember SamSam being a problem in 2018 that researchers had thought was nearly eradicated. That was until similar ransomware emerged earlier this year (such as Ryuk and LockerGoga).
State-sponsored attacks are on the rise.
Back in 2018, state-sponsored attacks accounted for just 7% of attacks. Now we are seeing more than a quarter. These attacks are on the rise, and what many facilities fail to recognize is that state-sponsored attacks are not covered by insurance.
Security experts have seen common trends hitting healthcare again and again. In most attacks, initial access is through leveraged credentials, often acquired through previous data breaches or attacks.
Email is the bane of cybersecurity.
We can’t live with it, but we cannot live without it. Cybercriminals continue to use email as one of the biggest attack vectors out there. They spoof emails so that they look like they’re coming from legitimate sources and fool your users into clicking on a link or sending information that gives the criminal enough to get onto your network. Nearly a quarter of successful attacks stem from email (and these attacks are some of the easiest and least sophisticated out there).
While the security landscape is evolving, criminals are getting more effective with what they have.
They are essentially reusing old attacks or building on scams that have been around for nearly a decade. They are becoming less visible on your network by modifying old techniques.
My question to you: is your network adapting to changing threats?