Pandemic Has Unleashed an Unprecedented Level of Ransomware Attacks on Healthcare

Healthcare Dive | July 03, 2020

Ransomware hit at least 26 U.S. healthcare providers between January and May, according to Recorded Future, which used open-source reporting to verify the attacks. April and May averaged six ransomware attacks each, compared to five attacks in April and three attacks in May last year. Recorded Future confirmed Maze was responsible for at least six ransomware attacks this year and NetWalker was responsible for at least five. Since 2016, Recorded Future said it cataloged 161 publicly disclosed ransomware attacks targeting healthcare providers. Of the 57 attacks recorded in 2019, at least 10 organizations paid or partially paid the ransom. Last year the healthcare industry was inundated with an unprecedented level of ransomware attacks. Smaller healthcare providers, unable to pay a ransom or recover from the damage, were forced to shutter.

Spotlight

"Today’s attacks have evolved in volume, complexity and duration. In 2014, 50% of the attacks lasted more
than 1-2 days and included more than 5 different attack vectors. This characteristic, which originates in the
shifting attack motivation and targets, entails various challenges to organizations trying to protect them. The
main challenge is that each attack can now include vectors/tools with very different characteristics, ultimately
threatening a different infrastructure element. Each vector is associated with a different optimal location in the network for detection and another for mitigation. For examples and more details on this trend"

Related News

NETWORK THREAT DETECTION

Axonius Integrates with the New, Enhanced Amazon Inspector to Deliver Comprehensive Cyber Asset Attack Surface Management

Axonius | December 06, 2021

Axonius, a leader in cybersecurity asset management, today announced an integration with the new Amazon Inspector, an automated security assessment service. The integration will enable mutual customers to better understand and manage vulnerabilities across their Amazon Web Services (AWS) infrastructure. Amazon Inspector is a vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure. The solution automatically discovers all running Amazon Elastic Compute Cloud (Amazon EC2) instances and container images residing in Amazon Elastic Container Registry (Amazon ECR), at any scale, and immediately starts assessing them for known vulnerabilities. Because Axonius delivers a complete inventory of assets from many correlated data sources, customers can gain a comprehensive view of their cloud security posture, including vulnerability data found from Amazon Inspector.

“Customers are burdened by the increasing number of security tools to protect the sprawl of cloud, physical, and virtual assets in their environments. It's not easy for them to surface which assets are not covered by their security controls that should be, or if they are covered, whether the control is actually working. Customers are exhausted with the highly manual, slow, and error-prone processes that negatively impact their risk mitigation, threat management, and compliance. With Axonius, customers can get a unified view of their assets and dramatically accelerate the process of strengthening security posture across all of their assets,” said Mark Daggett, vice president of worldwide channels and alliances, Axonius.

Comprehensively Track and Assess the Security of AWS Assets: In just a few clicks, the Axonius Query Wizard can identify any AWS assets that have not been assessed with Amazon Inspector. Customers can also easily search for a set of assets based on their last scan time, or segment AWS assets with known vulnerabilities by common vulnerabilities and exposures (CVE) severity, CVE ID, and more. It can also be used to track Amazon Inspector usage and coverage.

Manage Vulnerabilities Within a Broader Context: Beyond simply identifying known vulnerabilities, Axonius delivers correlated data from tools such as endpoint detection and response, privilege access management, and more to help cloud security, DevOps, and security operations teams prioritize which vulnerabilities to remediate first. With an endless backlog of vulnerabilities to manage, this level of context is imperative to helping teams mitigate the vulnerabilities that are more likely to be exploited, or that would have the most impact if exploited.

Improve Cloud Compliance Based on Industry Benchmarks: Customers can also ensure that their AWS assets adhere to security best practices, such as the CIS AWS Foundations Benchmark. Using Axonius and Amazon Inspector, cloud security teams can prioritize which assets pose the most risk due to any detected vulnerability or deviation from security standards and best practices.

“To be effective, security and DevOps teams need to prioritize vulnerability remediation based on business impact,” said Michael Fuller, director of product management, AWS Security Services. “With the new Amazon Inspector, we’ve dramatically simplified continuous and automated vulnerability assessment for customers across their entire organization, whether they have one AWS account or five thousand. The Axonius integration then brings developers more contextual asset data to help prioritize vulnerability remediation.”

About Axonius

Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers gaps, and automatically validates and enforces policies. Deployed in minutes, the Axonius cyber asset attack surface management (CAASM) solution integrates with hundreds of data sources to give customers the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, automating response actions, and informing business-level strategy. Cited as one of the fastest growing cybersecurity startups, with accolades from CNBC, Forbes, and Fortune, Axonius covers millions of devices for customers around the world.


DATA SECURITY

Paubox to protect healthcare providers with One-of-its-kind Security tool

Paubox | July 01, 2021

Paubox, the leader in HIPAA compliant email, has announced Zero Trust Email, a new feature of the Paubox Email Suite. Zero Trust Email, the only technology of its kind, is intended to protect the sensitive data and information of healthcare organizations from cybersecurity attackers. Such a solution was necessary because at least 93% of healthcare organizations reported one cybersecurity breach during the last three years. Bad actors are setting up accounts on servers run by American infrastructure companies such as AWS, GoDaddy, and Mailgun. This lets cybercriminals pass industry-standard spam and virus checks. Paubox has rolled out Zero Trust Email in response. According to Hoala Greevy, founder and CEO of Paubox, "A core tenet of Zero Trust security is multi-factor authentication (MFA). Zero Trust Email needs an additional piece of evidence from the sender’s mail server to pass our Inbound Security checks." This additional layer of verification is critical to keeping bad actors away and under control. According to the Cost of Data Breach report of IBM, the healthcare industry lost almost $7 billion USD in 2019 due to damages from data breaches caused by cyberattacks. Additional network entry points created by a growing remote workforce only expose healthcare organizations to more cybersecurity vulnerabilities and attacks. Zero Trust Email can minimize the damage from both internal and external attacks on healthcare organizations.


DATA SECURITY

XM Cyber Partners with Italy-based Value-Added Distributor ICOS

XM Cyber | May 06, 2021

XM Cyber, the multi-award-winning leader in cyberattack path management, today announced that it has signed an agreement with Italy-based value-added distributor (VAD) ICOS. This agreement will enable ICOS to offer XM Cyber solutions in the Italian market to help organizations protect their most critical assets. "XM brings a new approach that uses the attacker perspective to find and remediate critical attack paths toward organizations' crown jewels across on-premises and multi-cloud networks," explained Erez Jacobson, Channels Sales Director, EMEA & APAC, XM Cyber. "We are a fast-growing business and need to scale through our partners ecosystem. The agreement with ICOS is an exciting development to consolidate our footprint in the Italian market." ICOS is a partner of some of the leading technology vendors in the sector, offering resellers the infrastructure and cybersecurity solutions that are most in line with the new paradigms of enterprise IT.

About XM Cyber

XM Cyber is the global leader in cyberattack path management. The XM Cyber platform enables companies to rapidly respond to cyber risks affecting their business-sensitive systems by continuously finding new exposures, including exploitable vulnerabilities and credentials, misconfigurations, and user activities. XM Cyber constantly simulates and prioritizes the attack paths putting mission-critical systems at risk, providing context-sensitive remediation options. XM Cyber helps to eliminate 99% of the risk by allowing IT and Security Operations to focus on the 1% of the exposures before they get exploited to breach the organization's "crown jewels", its critical assets. XM Cyber was founded by top executives from the Israeli cyber intelligence community and has offices in North America, Europe, and Israel.
