SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Ransomware
#
Breach Prevention
#
Cybersecurity

Semperis stresses risk for healthcare organisations amidst rising cyber threats

Yesterday
Author image
By Melania Watson, Interview Editor

Jeff Wichman, Director of Incident Response at Semperis, has provided commentary on the recent ransomware attack affecting HCRG Care Group, highlighting the challenges faced by healthcare organisations in maintaining data security.

Wichman states, "The ransomware attack on HCRG Care Group is a sobering reminder that healthcare organisations will always be in the crosshairs of criminal enterprises because of the availability of sensitive and personal patient data." Despite limited details emerging about this particular incident, he emphasises the potential futility of paying ransoms, especially when lives could be at stake. "It doesn't pay-to-pay ransoms when the organisation believes it is in a life-and-death situation," he adds.

He points to findings from a recent Semperis global ransomware study, revealing that over 30 percent of organisations targeted by ransomware in the past year ended up paying ransoms four times or more. This statistic underscores the repetitive nature of payments and suggests a cycle some victims find difficult to break.

The ransomware group known as Medusa is reportedly behind the attack on HCRG Care Group, with a ransom demand of USD $2 million. However, it remains unclear whether HCRG has opted to reject the demand.

Wichman warns against the pitfalls of negotiating ransom payments, as these dealings are with criminal entities.

"Today, if your organisation is in a situation where you are contemplating making a ransom payment, do not attempt to negotiate with the attackers yourself," he advises.

Instead, Wichman recommends engaging cybersecurity experts with negotiation experience. He states that these professionals understand the legal intricacies involved, noting, "For instance, in some countries it is illegal to pay a ransom if the monies will be used to sponsor terrorist activity." This highlights the importance of informed negotiation processes to avoid legal ramifications.

Drawing comparisons to corporate lawyers, Wichman suggests that skilled negotiators can help limit financial impact and data exposure risks.

"An experienced ransomware negotiator won't allow communications with criminals to become personal and they will attempt to limit the total payout," he says.

Wichman also acknowledges the broader impacts of ransomware attacks on businesses, saying, "Ransomware attacks are traumatic, and oftentimes lead to massive business disruptions, damage your brand, and can erode the trust of your customers." He encourages companies that opt to fulfil ransom demands not to feel embarrassed, urging an adoption of an 'assumed breach' mindset to prepare for future threats.

To aid readiness and recovery, Wichman advises organisations to evaluate their critical systems, such as Active Directory (AD), as nine out of ten cyberattacks target this infrastructure.

"When critical services are inoperable or exposed because of vulnerabilities, that could open floodgates for hackers to target your partners," he warns. The importance of having a contingency plan and maintaining vigilance over potential entry points is emphasised, with Wichman saying it is "imperative that organisations have real-time visibility to changes to elevated network accounts and groups."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Healthcare tops data breach incidents in 2024, surpassing finance
Sophos & Pax8 join forces to bolster MSP cybersecurity
KnowBe4 platform promises up to 400% return on investment
Exclusive: Infoblox reveals the importance of DNS security in the digital age
Quest launches AI tools to simplify IT migration processes
Top stories
Neeraj Methi joins Myriad360 as VP of Cybersecurity
Tenable unveils Identity 360 & Exposure Center solutions
Peter Alexander named new CMO at Barracuda Networks
Email security gaps leave Asia Pacific firms vulnerable
Counter-Strike 2 gamers warned about rising scam threats