Cybercrime is raging across the world, including Australia, New Zealand, and the Asia Pacific. Of late, Australian businesses and organizations have been particularly targeted by cybercriminals to siphon off critical user data. Healthcare, of all sectors, and thanks to the absence of any systemic cybersecurity audit, seems to be vulnerable to such attacks. This was evidenced by the recent data breach incident concerning the Australian health insurer Medibank. As per reports, cybercriminals broke into the Medibank database and accessed personal data worth 200 gigabytes. As proof of their malfeasance, cybercriminals shared 100 insurance policies containing claims, procedures, information related to diagnoses, and biographical data.
The health insurer further revealed receiving messages from a group purportedly negotiating the removal of customer data. After the cyberattack, Medibank reported “unusual activity” on its network. However, the health insurer did not find any evidence of sensitive customer data being accessed. The flurry of such attacks, especially ransomware, directed at the healthcare sector seems to have doubled year-over-year. As per the CrowdStrike 2022 OverWatch Report, the quantum of “interactive intrusions” against the healthcare sector has shown a significant jump.
Innovative Methods Used by Cybercriminals to Spread Ransomware
Cybersecurity experts state that a large number of such attacks are attributed to cybercriminals looking for quick financial gain. The entire episode is blamed on the proliferation of the “ransom-as-a-service” model, wherein cybercriminals commoditise ransomware and sell it to affiliate groups. This enables even technically challenged criminals to indulge in such activities and poses a fresh challenge for security experts.
To cite an example, security experts detected an affiliate ransomware called “Phobos” trying to intrude into the systems of a major healthcare entity in the USA. The telltale signs of a brute force attack included several unsuccessful login attempts followed by a successful one. Incidentally, this attack took place prior to Medibank’s attack and allowed the affiliate to get access into the systems by using a local administrator account. Thereafter, they used a remote desktop protocol to reach additional hosts and get access to multiple Windows servers. Fortunately, the attack was thwarted by the alerted victim organization in time, thereby saving itself from data loss, lawsuits, and loss of reputation.
Lack of Knowledge and Intent to Implement Cybersecurity
The above-mentioned incidents could take place as long as the healthcare industry does not pay adequate attention to the growing cyber threats globally. According to a cyber insurance coverage study by BlackBerry, there is immaturity displayed by the medical insurance sector in terms of their knowledge and the desire to seek protection. Thus, the cyberattack technique employed against a healthcare firm in the USA can easily be used to target such firms in Australia, New Zealand, and the Asia-Pacific region as well. To mitigate such threats, healthcare organisations should get access to threat intelligence by leveraging the services of reputed cybersecurity companies like Cybernetic Global Intelligence.
Why Should the Healthcare Sector Conduct Cybersecurity Audit?
Cybercriminals target organisations that do not have an adequate level of cybersecurity measures in place. This can be understood by conducting a rigorous cybersecurity audit. The process evaluates an organisation’s cybersecurity practices to ensure updated security measures are put in place. Besides, such an audit will determine whether the organisation’s security assets and practices are compliant with industry standards, such as ISO/IEC 27001-13, PSPF, APRA CPS 234 ASD ISM, QGISCF, and E8, among others. For instance, the security specialists at Cybernetic Global Intelligence conduct a NIST cybersecurity framework assessment to identify any gaps in an organisation’s cybersecurity infrastructure. Thus, it helps to find cost-effective measures to mitigate such threats.
For organisations, especially those in the healthcare sector, there is no shying away from strengthening their cybersecurity infrastructure, becoming compliant with industry standards, and following the best security practices. If you want your organisation to not fall prey to ransomware and other types of attacks, contact the ISO 27001 lead auditors at Cybernetic Global Intelligence by calling 1300 292 376 or sending an email to firstname.lastname@example.org.