As you have probably read, computers from the HSE were infected with ransomware last week. The HSE was forced to shut down parts of its IT operation to contain the spread of the cyber attack.
Ransomware is a very lucrative business model for cyber criminals and another recent case, the Colonial Pipeline case, shows how a wide-spread ransomware attack can have a serious social impact as well. And if you are a health care organisation, suffering from a ransomware attack during the COVID pandemic may have serious, or even fatal, consequences.
Although it is currently not clear how this attack on the HSE was executed, there is a suspicion that it may have involved a user clicking on a link, and thus opening the internal network to the attackers. If true, this shows you one of the main challenges of Cybersecurity. The scales are tipped against you because anyone defending themselves needs to close ALL vulnerabilities, whereas an attacker just needs ONE vulnerability to breach the secure perimeter.
This also means that organisations need to defend that interest on all levels, with people being one of the most important ones. Sure, you need good technology as well to support your defences, but solely trusting technology and hoping a box with flashing lights will save your bacon is like driving a car blindfolded.
To be able to defend your interests, and those of your customers, you need to make sure your people are trained properly, as they can be your best first line of defence. Support them with the proper technology to defend themselves and don’t assume it will never happen to you. It is better to be prepared, and make sure you can limit the impact of a ransomware attack by segmenting your internal network. In addition, to be able to recover quickly, make sure you have working backups, that are stored offline, just in case.
The best approach is to look beyond technology alone and implement your cybersecurity from a broader perspective.
For more information on how Cyberlink Security could help you, please contact us at info@
