[ad_1]
Among the most important infrastructures in every country are the health ones, on which the lives of millions of people depend. Precisely for this reason, hospitals and health research institutes are among the preferred targets of cybercriminals: given their strategic importance, in fact, it is likely that victims are more likely to pay blackmail in order to be operational in the shortest possible time. . How do these companies deal with the problem? The answer offers it Trend Micro with a study commissioned to Sapio Research which involved 2,958 IT managers in 26 countries. In Italy the sample was 100 interviewed.
More than half of healthcare companies have been victims of ransomware
The cross-section that emerges from the study EVERYTHING IS CONNECTED: Uncovering the ransomware threat from global supply chains, is worrying: 57% of the companies in the sample have suffered at least one ransomware attack in the last three years. The impact was in many cases considerable: one in four companies (25%) had to completely block operations, while 60% were able to continue, despite having to modify internal processes to circumvent the problem. Furthermore, in 60% of cases, the attack was accompanied by the theft of sensitive data, a tactic that has long been in vogue among cybercriminals. before encrypting the data, they steal them so as to have an additional element to put pressure on the victims and force them to give in to blackmail. Given the importance and sensitivity of health data, the theft of this information is very serious, also because it undermines trust in the health system.
Countermeasures implemented by health institutions
From the survey numbers it might seem that hospitals and companies active in the medical sector do not give importance to cyber security, but the reality is different. In fact, Trend Micro’s analysis underlines how the vast majority (95%) regularly apply security patches, while 91% have introduced solutions to limit attachments to e-mails (the main attack vector) so as to mitigate the risk. In many cases, but we are talking about percentages below 50%, healthcare facilities use advanced solutions for cyber defense, such as tools for detecting threats on endpoints and NDR and XDR platforms for identifying and responding to malware.
So how do the attackers get over these barriers? According to Trend Micro’s analysis, one of the main weaknesses is to be found in the absence of advanced security platforms. NDR solutions are adopted only by 51% of the sample, EDR by 50% and XDR by only 43%.
Another problem is that of poor sharing of intelligence information: 30% of the companies in the sample do not share anything with their partners, 46% do not do it with suppliers and even one in three health care companies (33%) does not even communicate with the police.
In addition, 17% of companies did not activate any control over the Remote Desktop Protocol (RDP).
Finally, a few interviewees. they are able to detect lateral movement (32%), initial access (42%) or the use of tools such as Mimikatz and PsExec (46%).
“In cybersecurity, there is often talk of data breaches and network compromise. But in the healthcare industry, ransomware can have a potentially very dangerous physical impact“, he declares Salvatore Marcis, Technical Director of Trend Micro Italia. “In this industry, operational disruptions put patients’ lives at risk, healthcare organizations need to improve in threat detection and response, and share appropriate intelligence with partners to protect their ecosystems“.
.
[ad_2]
Source link
