Around three weeks after the declaration of a national emergency due to a ransomware attack in Costa Rica, the country's health sector is suffering serious damage: All computer systems in Costa Rica's public health network (Costa Rican Social Security Fund) are now offline after they went offline on Tuesday hit by a ransomware attack.
Here is an expert commentary from Grant Geyer, Chief Product Officer at Claroty, specialist in cyber-physical systems (CPS) security for industry, healthcare and enterprise.
Cyber criminals paralyze hospitals
“Unfortunately, the Hive ransomware attack on Costa Rica healthcare facilities shows the moral emptiness of cybercriminals. As hospitals become more connected, ransomware can disrupt acute patient care and put lives at risk.
This is exactly what cybercriminals want: to place decision makers in a morally impossible position, leaving them with no choice but to pay ransom to get their services up and running again - even if this ultimately leads to further attacks on the sector. In 2021, 80 percent of critical infrastructure was hit by a ransomware attack, with 62 percent of compromised facilities paying the ransom.
Ransomware doesn't even spare Healthcare
Ransomware attacks are now also the order of the day in the healthcare sector. One of the main reasons for this is the multitude of Internet of Medical Things (IoMT) devices in use. Many of them have critical vulnerabilities that are difficult to patch, making them perfect targets for cyber attacks. Because there is typically no segmentation, malware can move laterally through the network and attack critical systems such as employees' computers. Therefore, it is critical that healthcare organizations implement a set of security policies to prevent these catastrophic attacks.
Which devices in your network?
Most importantly, these facilities need a comprehensive view of all devices on their network. With this knowledge, security teams can prioritize critical machines, devices and processes and begin patching where possible or implement security controls such as firewall rules. Also, it is fundamental that networks are segmented to break unnecessary connections. This can limit the spread of malware and minimize the impact of such attacks. With attacks on the healthcare sector showing no signs of abating, it is more important than ever that healthcare providers properly secure their networks.”
More at Claroty.com
About Claroty Claroty, the Industrial Cybersecurity Company, helps its global customers discover, protect and manage their OT, IoT and IIoT assets. The company's comprehensive platform can be seamlessly integrated into customers' existing infrastructure and processes and offers a wide range of industrial cybersecurity controls for transparency, threat detection, risk and vulnerability management and secure remote access - with significantly reduced total cost of ownership.