Netwrix comments on ransomware
 

As US Change Healthcare is hit by a ransomware attack www.reuters.com/technology/cybersecurity/cyber-security-outage-change-healthcare-continues-sixth-straight-day-2024-02-26) causing outages in systems regularly used for medical billing and insurance claims, we talk to Dirk Schrader Field CISO (EMEA) and Vice President of Security Research, Netwrix  (www.netwrix.com) about the action that organizations who are part of critical infrastructure need to be taking.

“High dependency of our day-to-day living on proper functioning supply chains is our reality.  High-profile attacks affect hundreds of thousands of individuals.  Colonial Pipeline or MoveIT stories, attacks on IT service providers like Kaseya and Materna, to name a few, might vary in scale and vertical, but all of them prove the need for a coordinated approach to increase the cyber resiliency of vital services like healthcare, energy, water, transportation, etc.  The domino effect of an infiltration of the supply chain can be devastating.  Cyber resilience is defined as the ability to deliver the intended outcome despite adverse cyber events, and for critical infrastructure is not limited to internal security incidents.”

“Organizations that are part of a critical infrastructure should pay special attention to ensuring they might effectively operate under the ongoing attack and regularly assess the risks associated with their supply chain.  Third-party dependencies should be analysed and re-examined.  In particular, an incident response plan should cover the scenario, defining what to do in case of sudden unavailability or malicious infiltration of a part of the supply chain.  In case of one substantial dependency, the IT team should not hesitate to ask their peer about what they do to maintain operability in case of adverse cyber events.  Such an exchange is the starting point for an in-depth discussion about enhancing the resilience of the overall critical infrastructure.”
 
“An attack on one organization’s infrastructure might affect another organization’s ability to process data.  Losing a privileged identity in one company leads to adverse events in another.  The abilities to adapt, anticipate, and absorb – the major aspects of resilience – need to be expanded outside the individual organization’s domain by identifying and balancing an organization’s external dependencies.”