MedStar is but the latest healthcare entity to fall victim to a ransomware attack. What can organizations do proactively to improve their ransomware defenses and response? PhishMe CEO Rohyt Belani offers insight.
It's no surprise that healthcare entities are being targeted, Belani says - and not just by ransomware, but also by new waves of business email compromise. After all, healthcare data is extremely valuable in the underground economy, and healthcare entities are inclined to respond urgently to attacks.
"It's life or death on the line" with healthcare entities, Belani says. "So, there's a lot of motivation for the victim to react quickly and resolve the problem."
In many cases, these ransomware attacks are being delivered via phishing emails, which adds a defensive complexity for the organizations under siege. "The technological defenses alone clearly are not working," Belani says. "They need to work in unison with a very conditioned employee population that is skeptical enough of emails they're receiving to say 'Should I be clicking on this link ...?'"
In an interview about the latest threats to healthcare entities, Belani discusses:
Common elements to recent ransomware attacks;
The business decisions that factor into responding to ransomware;
How healthcare entities can prepare for increases in ransomware and business email compromise.

Belani has more than 14 years of experience in the information security industry, with prior roles including co-founder and CEO of Intrepidus Group (acquired by NCC Group), managing director at Mandiant, principal consultant at Foundstone (acquired by McAfee), and researcher at the Software Engineering Institute. He has served as an adjunct professor at Carnegie Mellon University and is a contributing author for "Hack Notes - Network Security and Extrusion Detection: Security Monitoring for Internal Intrusions."