A lot has happened since last month when I last wrote about the growing threat of human-operated ransomware attacks. The US Government warned of an imminent threat to hospitals, more organisations fell victim and attackers continued to innovate.

Understanding how these attacks work is crucial to defending against them. So to help, here’s a summary of what happened:

Ransomware operators targeted hospitals, in a continued disregard for human life. Almost two dozen United States hospitals and health care organisations were struck by ransomware attacks. A new height in aggression by attackers in the middle of a global pandemic, with hospitals…

On Thursday 16 July 2020, the NCSC released an advisory on how Russian cyber actors are targeting organisations involved in COVID-19 vaccine development.

The advisory details four activities APT29 are carrying out as part of this ongoing campaign, focusing on the initial stages of a cyber attack:

• Exploiting vulnerabilities in Internet-facing systems to obtain authentication credentials;
• Spearphishing employees to obtain authentication credentials;
• Using legitimate credentials to maintain access to systems and applications; and,
• Deploying custom malware to systems to conduct further actions.

In this blog, I outline the tactical actions organisations should consider taking to defend against each of these…