Industry Specific , Targeting Healthcare , Video

Protecting Healthcare Against Ransomware: Essential Defenses

You Can Spot Many Attacks Unfolding - If You Watch, Says Peter Mackenzie of Sophos
Peter Mackenzie, director of incident response, Sophos

Especially for healthcare organizations, repelling ransomware attacks hinges on having robust monitoring and defenses in place, including the ability to spot the signs of an unfolding attack, says Peter Mackenzie, director of incident response at Sophos. That way, if attackers do break in, they can be disrupted before unleashing crypto-locking malware.

See Also: Mitigating Identity Risks, Lateral Movement and Privilege Escalation

"What we found in investigations for ransomware this year: Over 80% of ransomware victims had what we class as warning signs prior to the ransomware deployment," and this year the average was 11 days between intrusion and ransomware, Mackenzie says. "These attacks are relatively noisy, and by that I mean mistakes - the attackers use tools and techniques that will get detected by your security solutions."

That's because most attackers aren't bringing high levels of talent or other sophistication to bear. "It is depressing how amateur some of these attacks are, but they work," he says.

In this video interview with Information Security Media Group, Mackenzie discusses:

  • Unique challenges for healthcare when battling or responding to ransomware;
  • Top tactics used by attackers against healthcare and how to defend against them;
  • Why more organizations are using cloud-based security services and working with managed detection and response firms.

Mackenzie, who has worked at Sophos since 2011, manages the company's incident response team and helps customers triage, contain and neutralize threats.

Over 5,000 health data breaches since 2009 have affected the personal information of 370 million people. Ransomware gangs and hackers are targeting healthcare providers, insurance firms and partners at an alarming rate. Targeting Healthcare explores these trends and how the industry can respond.

Read more


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.