Securing the Digital World

Managing Risk Amid Spike in Ransomware Attacks on Critical Infrastructure

Oct 30, 2020 | by Peter Beardmore |

On October 28, 2020, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) issued a Joint Cybersecurity Advisory addressing  an increased and imminent cybercrime threat to hospitals and health care providers. The advisory comes amid a wave of ransomware attacks targeting healthcare systems and a spate of threats to critical infrastructure around the world, and follows warnings from authorities around the world including Interpol.

Although ransomware attacks have steadily increased over recent years, growing attacks on infrastructure have been speculated since early in the current global pandemic. Threat actors’ focus on healthcare, while particularly insidious in the midst of spiking COVID-19 cases in Europe and the Americas, follows a logical path of least-resistance.

Healthcare organizations tend to involve heterogeneous communities of providers, suppliers, patients, insurers, regulators, and a host of other partners. There’s an ever-growing digital ecosystem of devices and services ranging from clinical to administrative. There are complex and frequently changing regulatory mandates. There are diverse workforces with varying levels of cyber-awareness. And there are patients and their families, who need to conveniently transact with and within clinics, while focusing on their primary concern, their health.

Healthcare security and risk leaders have found that this confluence of characteristics makes managing digital risk (or even implementing best-security-practices) extra-challenging. Moreover, the adversaries have lucrative incentives. A recent example from the RSA FraudAction™ report shows healthcare records are now selling for between $100 and $500. And the critical nature of healthcare fuels urgency to resolve issues. (Read: they may be more likely to pay ransoms).

So what are they to do? There isn’t a simple answer to be found in 600-word blog. But a quick perusal of RSA’s content library renders a bevy of good advice on topics ranging from security operations, to authentication and identity management to fraud-prevention in healthcare settings. See several links below.

At a high-level however, think about making sure the bases are covered using the acronym RSA:

R – Risk – The multiple dimensions of risk in healthcare settings and the overlying compliance obligations can be extremely complex. Continually identifying, assessing, and acting on risk demands an integrated risk management program (and underlying platform) to manage risk and drive accountability across internal functions and third-party ecosystems. Healthcare organizations need adaptive risk and compliance strategies so they can continually embrace new technologies and deliver innovative, quality care.

S – Security – In the diverse and heterogenous digital environments described above, perimeter security approaches are long-obsolete. Risk-based user-authentication and access assurance to digital systems and assets, wherever they may be, is compulsory. Further, security operations teams need the tools requisite to stay ahead of cyber threats and minimize their impacts. Organizations must build cyber resilience in the face of vast digital expansion and growing threats.

A – Anti-Fraud – Organizations must continuously adapt to changes across their digital attack-surfaces and meet consumer-demand for convenience while reducing the opportunities for malicious activity through consumer channels. Consider an external cyber threat intelligence and management service that offers complete coverage against phishing attacks, Trojans attacks, rogue apps; and provides intelligence from the cybercrime underground so you can gain insights to attacks like ransomware targeting your organization.

RSA stands ready to help organizations manage risk in the digital age. In a time of acute dependence on healthcare and public infrastructure, there is nothing more important than ensuring that our customers and partners in these critical sectors have the advice, expertise, and technology necessary to keep us all safe.