industry
UNLOCKED
Add to these risk factors the low tolerance HCOs have for service outages , and the highly monetiseable personal , medical and financial information they hold on patients , and you have a sector that will always come under intense scrutiny from threat actors .
Continuous threat actor improvement
The challenge is that our adversaries continue to innovate , tapping an underground economy said to be worth trillions of pounds annually . The share of recorded attacks on HCOs globally have roughly doubled from 34 % in 2021 to 60 % today , with double extortion increasingly the norm . Sophos claims data was stolen in 37 % of cases where it was also encrypted . Unlike HCO network defenders , one thing threat actors do have is a surfeit of skills . ‘ As-a-Service ’ offerings readily available on the cybercrime underground have lowered the bar to entry for many budding groups , and initial access brokers ( IABs ) queue up to offer network access .
Threat actors are also developing increasingly powerful ways to detect and delete backups , to increase their leverage in ransom negotiations . In some cases , these capabilities are built into the malicious code itself . And they are targeting cloud environments in greater numbers , in attacks where data is stolen and then deleted from AWS buckets , rather than encrypted .
The cost of ransomware
The EU security agency ENISA reckons that ransomware now accounts for over half ( 54 %) of threats to the sector . In the UK , HCOs are frequent breach victims . All of this can have a potentially devastating associated cost .
WannaCry disrupted 81 out of 236 trusts in England ( 34 %) and 603 primary care and other NHS organisations , including 595 GP practices . It led to an estimated 19,000 cancelled appointments and operations , with many patients directed to A & E
What can healthcare CISOs do to respond ? Building resilience and enhancing incident response will be key .
WWW . INTELLIGENTCISO . COM 45