Happy New Year from all of us at Tiberium!
As we plough headlong into 2021 with chaos everywhere, not least at the UK/European border and in the United States of America (curious isn’t it that the National Security machine of the USA didn’t anticipate a whiff of trouble at The Capitol or elsewhere from disturbed Trump supporters? They seem to have been well prepared for other recent protests!), the single biggest disruptive, difficult to manage, and downright nasty issue has to be (for poorly prepared and/or managed countries at least) the lingering, deadly, Covid-19.
Many have blogged about the increased attack surface presented by home working which was prevalent during the first lockdown with casual breaking into Zoom calls, and attacks against home routers and other equipment for use in botnets or as a way into the business crown jewels.
Some commentators even called out the increased risk to none other than healthcare organisations big and small, One man’s Global Pandemic appears to be someone elses malevolent opportunity.
It is not for us to comment on the evilness or character of the loathsome individuals who perpetrate these crimes against Healthcare during a pandemic, or indeed what their method of execution should be, however, one thing is for certain they are very much ‘at it’.
This week the fabulously thorough researchers at Check Point, with whom some of us at Tiberium have had more than 30 years association (really it’s true), have produced a very disturbing report highlighting a significant increase in attacks against healthcare organisations over the last two months of 2020.
Ransomware is the standout risk although the usual taggers-on such as DDOS, Botnets, and Remote Code Execution are noted.
The reported increase in attacks is no less than 45 percent globally, taking advantage of stressed-out times on the front line and we recommend that IT professionals working in or supporting healthcare outfits should be very much on guard.
We recommend the following:
- Have a thorough understanding of your estate including internal, and external facing systems and connectivity to third parties. We would recommend that this is supported by automated tooling.
- Keep systems patched, especially if they are Internet-facing. In times of pressure prioritise external facing and high-value assets for immediate patching.
- Educate staff about malicious Emails and test the educations with dummy drills.
- Use the anti-ransomware and spam functionality of your security platforms as much as possible and review the reporting from them.
- Implement automated responses to the detection of trojans or other malware. Check Point like most security outfits worth their salt advise that you look out for Trickbot, Emotet, Dridex, and Cobalt Strike.
- Have a playbook for what you would do if you fell victim to a Ransomware attack, and test it. Then test it again, regularly, keeping it up to date.
Whilst all of this may seem daunting, and to be honest, organisations that have these bases all covered are few and far between which is clearly a primary driver for the success of Ransomware, Tiberium can help.
Our systems have been developed after years of sometimes bitter experience and offer reliable automated security outcomes for most common threats, including Ransomware.
We would really like the opportunity to show you are wares. Please contact us at for a more interesting online meeting than many.
Of course, patient data, indeed all personal data, is very valuable to criminals, and also to monster social network (aka advertising) businesses.
What will happen in this green and pleasant land remains to be seen. You can read more details here.
Have a good week, try not to go stir crazy and if you have any security issues or requirements, do get in touch.