The threat of cyber-attacks still looms high in business today
No organisation can hide from the attention of cyber-attackers as ransomware remains a prominent issue globally
By Deirbhile Brennan
May 14th marked the first anniversary of the historic ransomware attack on the Health Service Executive (HSE). The attack resulted in estimated recovery costs of €570 million and stolen data belonging to over 500 patients was published online alongside internal documents. The restoration of these documents was only secured the following September by the HSE, resulting in huge reputational damage and disruption to the every day health service.
This was no isolated incident and ransomware attacks are a persistent issue globally. The pandemic proved to be the most problematic time for many businesses. The criminals responsible for performing this malicious act upon the HSE are still active and remain undeterred by the outrage of their cyber-attack. The group responsible ‘Wizard Spider’ are wanted by Britain’s National Crime Agency, Europol and Interpol. They are offering a reward of €14 million for any information regarding their whereabouts.
How can we protect ourselves and our businesses from such data breaches? One lesson to be learned is that no organisation is too small or too large to escape these notorious hacking groups. Many of these groups have become iconic within the hacking world. Most notable are Chaos Computer Club, Anonymous, Homebrew Computer Club, Legion of Doom, Masters of Deception and the Lizard Squad which takes great credit for distributed denial of service (DDos) attacks including Facebook, PlayStation networks and Xbox live.
The breach of HSE’s data has proven that Ireland is very much a target. Businesses today must upgrade their cyber-security programmes in order to remain untouched. Furthermore, the HSE’s data breach has proven to be an expensive and stressful recovery with long term side effects and fall out still to be fully felt with PII (personal identifiable information) continue to appear on the dark web.
Businesses must put sufficient parameters in place, this can dramatically strengthen the cyber-security of any company. Ireland currently has a sufficient lack of cyber-security professionals whilst ransomware evolves rapidly. Most commonly cyber criminals will run scripts and try to find a vulnerable target. They will try and gain access wherever possible and target networks via phishing and stolen credentials. Phishing emails, RDP (remote desktop protocol) exploitation and exploitation of software vulnerabilities remained the top three initial infection vectors for ransomware in 2021.
Once the attackers have successfully broken into your network, they have several options readily available to them. Commonly, attackers will encrypt your files and demand a fee in order to access the decryption key. Further extortion progresses upon refusing the fee. Attackers will threaten to release your data to the general public, they may threaten to contact people whose data is affected, they may attack your suppliers. Finally, they may attack a business with a Ddos, slowing down any chance of recovery from the original attack.
Attacks are often thoroughly premeditated. Attackers will decide on their target and proceed to analyse any relevant vulnerabilities that may assist them in their attack. Interestingly, attacks often go for weeks unnoticed as attackers will gain access to the network and go silent for a period of time, then they will begin their attack. It is generally understood that the HSE attackers ‘Conti and Wizard Spider’ got access on St Patricks Day 2021.
A trend proving popular among cyber criminals is the hackers using a supply-chain attack. This method involves hiding a malicious code within a software update. The software update is then pushed out to organisations who are using a popular product. You may be a passive victim of these attacks, even if you do not experience them directly. Hackers are presently attracted to hitting hospitals, universities, financial institutions to name but a few.
How can any business ensure that its IT systems are up to the task of protecting its vital data? Ransomware attacks progress in stages. Various security products can intercept different stages of the ransomware attack. Many IT professionals believe it is worth investing in technologies that combat ransomware live, so do shop around.
Finally, business must continue to keep training up to date. There are various training courses out there that can help educate businesses and organisations on cyber-security. Many commentators believe that ransomware attacks worldwide are increasing at an incredibly alarming rate, rising to 92.7% during the pandemic with an average of €770,450 in ransom payment demanded per attack.