Over the last nine months, there has been a sharp increase in the number of human-operated ransomware attacks. Many organisations have been impacted, from local governments to global corporations. In the height of this global pandemic, not even the healthcare sector has been spared, with recent attacks on a major US hospital system and a health tech company.
A lot has happened since last month when I last wrote about the growing threat of human-operated ransomware attacks. The US Government warned of an imminent threat to hospitals, more organisations fell victim and attackers continued to innovate.
Understanding how these attacks work is crucial to defending against them. So to help, here’s a summary of what happened:
Ransomware operators targeted hospitals, in a continued disregard for human life. Almost two dozen United States hospitals and health care organisations were struck by ransomware attacks. A new height in aggression by attackers in the middle of a global pandemic, with hospitals already on the verge of being overwhelmed. …
On Thursday 16 July 2020, the NCSC released an advisory on how Russian cyber actors are targeting organisations involved in COVID-19 vaccine development.
The advisory details four activities APT29 are carrying out as part of this ongoing campaign, focusing on the initial stages of a cyber attack:
In this blog, I outline the tactical actions organisations should consider taking to defend against each of these activities. …