Following news that the Daixin Team ransomware group has threatened to leak over 1 million medical records (https://www.theregister.com/2022/09/14/ransomware_medical_groups/), cyber security experts reacted below.
Following news that the Daixin Team ransomware group has threatened to leak over 1 million medical records (https://www.theregister.com/2022/09/14/ransomware_medical_groups/), cyber security experts reacted below.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
Any sort of fantasy of honorable thieves in cybercrime should be long dead by now. Even if one or two of the most notorious ransomware gangs pinky promise not to attack critical infrastructure like healthcare, the low barrier to entry and potential high payouts from successful extortion ensure that there will always be even less scrupulous players to take their place. It’s been my experience that all but the largest healthcare institutions struggle with resources and talent to execute successful cybersecurity programs. We really have a scale problem with the current approaches to cybersecurity. If current approaches to staying protected requires investing in a dedicated team and exorbitantly expensive products, it’s no surprise that only the largest of companies can absorb those costs. The good news is that there are other far more effective strategies available to nearly everyone looking to improve their cybersecurity readiness, starting with adopting a strong culture of cybersecurity with focus on the fundamentals. Effective system hardening and attack surface reduction is often simply a matter of configuration settings, many that have best practices already freely documented in standards like NIST and CIS benchmarks. The key is in execution. Though there are many cheap or free resources for cybersecurity defense, implementation is not always easy. By staking cybersecurity on a cultural foundation, organizations can ensure that the hard work of implementation is prioritized as part and parcel of their mission.
The sector is not necessarily being targeted on purpose. Most threat actors are opportunistic predators, and so will always try to find the weakest prey to attack with the highest likelihood of pay-out. As many healthcare centres have not prioritized their investment in IT security, the combination of poor security hygiene and access to sensible patient information makes them an attractive target for cybercriminals. It’s just a number’s game.