Credible information regarding a well-known Russian cybercriminal organization plotting a mass ransomware attack across the United States healthcare industry led officials from the Federal Bureau of Investigation and the Department of Homeland Security to formally warn industry executives of the threat on Tuesday, October 28th. In short, evidence discovered of the communication between cybercriminals highlight the intention to deploy ransomware to over 400 healthcare facilities in the United States. It should be noted that publicly reported ransomware incidents have not come close to hundreds to this point, but there have been a handful of hospitals dealing with ransomware attacks in the past few days.
To prepare and prevent exposure to a potential ransomware attack, here are some best practices:
- Patch operating systems, software, and firmware as soon as manufacturers release updates.
- Use multi-factor authentication where possible, regularly change passwords, and avoid reusing passwords for different accounts.
- Scan for and identify open or listening ports and mediate those that are not needed.
- Ensure that data backup procedures are operating effectively, and disaster recovery plans are implemented and tested.
As one major point of emphasis, focus on awareness and training. End users are most targeted, ensure to educate employees and stakeholders common threats such as ransomware and phishing scams. Regularly provide users training on updated information security principles and techniques as well as overall emerging cybersecurity risks and vulnerabilities. Employees need to know who to contact when they see suspicious activity or when they believe they may have been a victim of a cyberattack. Security awareness among end users is vitally important to ensuring that a potential cyberattack is identified and responded to as quickly as possible.