Skip to main content
Cyber News

Veterinary practices beware; laxity by cybersecurity teams contributing to the recent surge in ransomware attacks

By June 28, 2021June 9th, 2022No Comments

The recent surge in high-profile ransomware attacks has painted a picture of improved tactics used by cybercriminal groups, resulting in huge cyber attack campaigns they are now enjoying. However, successful ransomware attack campaigns are not telling the whole, including the blame that should be leveled on cybersecurity experts of the targeted institutions.

One of the most overlooked facts in all these recent attacks is the measures put in place by cybersecurity experts tasked with preventing such attacks. A closer examination of the recent ransomware attacks indicates that most victims’ security teams had been lax in taking adequate steps to secure their network assets, therefore, becoming victims of their own making.

Cybersecurity experts recommending paying the cybercriminals

Unlike the previous years, where information about handling ransomware attacks has been kept secret, 2021 has been a year where high-profile ransomware victims have shown transparency in providing details of attacks and whether payments have been paid.

In most instances, many institutions find themselves in a “pay up or perish” position because of the multiple missteps they have made in their cybersecurity systems. Two most recent cases, where high-profile institutions were forced to pay up a ransom to cybercriminals because of the ransomware attack’s impact on their operations, are JBS and Colonial pipeline.

In the case of JBS, they ended up paying over $11 million to REvil, a ransomware cybercriminal group that is believed to be from Russia. The company confirmed to have paid the amount using Bitcoin to prevent further disruption of their meat plants.

Reports also indicated that the Colonial pipeline also paid hackers over $4.4 million, using Bitcoin for payment. Although the money was later recovered by the authorities, it showed their willingness to make payments to reduce the pain caused by the ransomware attackers.

Research, however, shows that 80 percent of organizations that end up paying ransom to cybercriminals are targeted again. This includes veterinary practices that have, at one point, suffered a ransomware attack.

Cybersecurity experts recommending payment of ransomware cybercriminals, especially to veterinary practices, may be doing more damage than offering help to recover from the attack. It also shows a failed cybersecurity strategy to handle attacks.

Missteps being made by cybersecurity teams

Every organization is different and runs on different cybersecurity strategies. However, some older organizations have not kept up with the emerging cybersecurity trends, a situation that is resulting in them being exposed to ransomware attacks.

For instance, a more established veterinary practice with many years of operation has networks and infrastructure that have evolved through the years without cybersecurity being a priority.

Small and medium veterinary practices that host their services in the cloud also have local technology, servers and computer systems that can also be compromised. Here is a look at some of the missteps that many organizations are making leading to their ultimate ransomware attacks:

  1. Non-existent patch strategy

Patch management involves distributing and applying updates to operating systems, applications and embedded systems (like network equipment) to patches that have been found to contain vulnerabilities or bugs. Regular patch update ensures that vulnerabilities are identified fast and fixed, ensuring your systems’ environment is not susceptible to exploitation by cybercriminals.

Although this sounds like a requirement every organization should implement. Most of the recent cyber-attacks may have been prevented if a proper patching strategy had been in existence. This includes the Microsoft Exchange Server hacks that happened at the beginning of the year due to failure to update software to the latest version.

  2. Misunderstanding network infrastructure

A well-configured network should be able to track traffic and determine where it is coming from. Security experts also need to have a better understanding of what normal traffic looks like in order to prevent remote access from unauthorized personnel.

Almost all ransomware attacks have to communicate with remote cyber criminals before encrypting data. Analyzing packets of data being sent over the network, in most of these cases, should have prevented or interrupted the majority of these recent attacks and helped save victims the headache of having to start over their network security.

  3. Relying too much on backups

Yes, backups are an integral part of cybersecurity; however, they are not enough to ensure your data safety. Failing to segment backups from your networks means that they are also prone to ransomware attacks.

Recent ransomware scan networks to detect whether there are backups available and then encrypt them. Cybercriminals have realized that, in order to cause maximum damage, they need to remove any power their victims might have in restoring their data back, thereby, targeting backups.

One of the biggest cardinal sins you can make using backups is housing them within the same network. However, recent reports have shown us that, even for large institutions with a big cybersecurity budget, their experts seem to forget why it is always good to segment backups away from the networks, and it has resulted in backup files being encrypted by ransomware.

The White House said it best

It’s time to test your cyber security strategy and one of the best ways is through the Lucca Cyber Security audit. Not only do we help you find your weak points we help you to outline ways in which you can close those gaps. Schedule your FREE no obligation call today to see how a Lucca Cyber Security audit can help protect your hospital.

SCHEDULE NOW