This month, a member hospital of the French health company Ramsay Health indicated it had been the victim of a ransomware attack. Cue the normal story – many machines were impacted, manual processes were resorted to, a ransom was demanded, and remediation steps were taken almost immediately. It seems like ransomware attacks are so cookie-cutter these days.
What makes this attack interesting is an admission from Ramsay Health’s hired cybersecurity firm, IICybersecurity, that this attack appears to have been custom built to infect the entire hospital group.
More and more ransomware attacks are being crafted to infect as many machines as possible to raise the chances of a paid ransom, so this kind of evolution of ransomware code shouldn’t entirely be a surprise. The good news is the attack was caught early enough to only impact a single hospital.
Targeted attacks are all the rage these days, with the bad guys realizing the return on investment of doing a little diligence on a particular target before formulating an attack strategy.
Organizations need to be aware of the heightened risk potential of ransomware attacks, as we’re seeing ransomware spread enterprise-wide, deleting backups along the way, and leaving organizations no choice but to either pay a ransom or walk down a very long remediation path, costing significantly more. Security Awareness Training and Phishing Testing are powerful tools in the fight against phishing and social engineering attacks that seek to prey on unsuspecting users who become unwitting participants in attacks.