A report released by the Cybersecurity and Infrastructure Security Agency (CISA), the US agency that leads the national effort to understand, manage and reduce the risk of cyber and physical infrastructure, about the threat of ransomware, is offering a glimpse of what veterinary practices should expect from cybercriminals.
The report, which was released on February 9, 2022, involved collaboration between CISA and countries such as the United Kingdom and Australia. Below is a look at what CISA found about evolving ransomware threats and lessons veterinary practices can take from the report.
Methods used by cybercriminals to attack
The CISA report analyzed some of the methods that cybercriminals were using to attack their victims. Some of the methods they found included:
– Email phishing, stolen Remote Desktop Protocols and software vulnerabilities.
The research found that cybercriminals’ top three most used methods involved email phishing, RDP exploitation, and software vulnerabilities. The three attack methods are also the most commonly used techniques against veterinary practices. To avoid falling victim to such attacks, veterinary practices should implement methods such as patching their software and training staff to recognize phishing emails and RDP exploits.
– Cybercrime as a service:
The growth of Ransomware-as-a-service (RaaS) was also found to have fueled the sharp increase of cyberattacks. The report indicated that cybercriminals had taken a more business-minded approach in their attacks. Today, cybercriminals have ransom negotiators and arbitrators who help the victims and the cybercriminals come to a compromise after an attack and pay the money. Some cybercriminals also offered a 24/7 help center to their victims as they tried to negotiate payments.
– Lack of privacy for victims’ information:
Today, if your veterinary practice is compromised, you should expect your information to be shared among different ransomware groups. This will include access to your veterinary practice’s networks, which may help other cyber groups to target you and make a follow-on attack.
– Small and medium-sized veterinary practice at risk of getting attacked:
According to the CISA report, cybercriminals shifted their attention to small and medium-sized organizations by mid-2021. This is after high-profile attacks of Kaseya, JBS, and the Colonial Pipeline resulted in efforts to minimize such attacks. This focus also puts small and medium-sized veterinary practices at risk of becoming victims of ransomware attacks.
– Tripple extortion:
Chances are, if your veterinary practice is compromised, you will be exploited using a three-pronged approach from cybercriminals, which includes threats to release your data in public, disruption of your network’s access and contacting your clients and informing them about the attack.
How cybercriminals are causing maximum damage
Cybercriminals have found numerous ways to cause maximum damage when they launch an attack, do according to the CISA report. Below are some of the methods they are using and how it impacts veterinary practices:
– Targeting cloud infrastructure:
Cybercriminals were found to be targeting cloud services to exploit vulnerabilities in cloud applications, virtual machines and software used to run these services. Cloud services are also where most veterinary practices have invested heavily in the past few years. Today, veterinary practices use cloud services to host practice management systems and data to carry out their day-to-day operations. Therefore, the move by cybercriminals to target cloud infrastructure puts many veterinary practices at risk of becoming victims.
– Managed service providers:
Cybercriminals are also targeting managed service providers. In the veterinary practice context, these are the people who provide services such as your practice management systems. By targeting the managed service providers, cybercriminals can compromise more ransomware attacks targeted at all the veterinary practices that depend on the providers. This increases the impact of their cyber-attacks and ensures more veterinary practices are compromised using a single attack.
– Attacking software supply chain:
Cybercriminals were also found to be targeting software supply chain entities to compromise and extort victims. These attacks can also be aimed at veterinary practices, who outsource most of the software they use from third-party IT companies.
CISA advise on how to mitigate cyberattacks
The CISA report also had some recommendations on how to avoid becoming a victim of ransomware attacks. Here are some of these tips that veterinary practices can use to prevent cyberattacks.
Updating and patching your software: Software vulnerabilities were among the top three most used methods by cybercriminals. Timely patching and keeping your software up-to-date can help mitigate the risks and prevent future cyberattacks targeted at your practice.
Training staff: Raising awareness about various methods used by cybercriminals to compromise veterinary practices can help prevent attacks aimed at your practice.
Require passwords and two-factor authentication: requiring all your staff to have passwords on their machine can also prevent cybercriminals from attacking your practice. Two-factor authentication should also be a requirement to prevent cybercriminals from gaining access to your networks.
Having a backup system: Ensuring that you have a backup of all your data is a sure way to prevent losing the data. If you are attacked, it also gives you an upper hand because you don’t have to pay cybercriminals to have your data back.
Did you think that your “IT guy had you covered”, only to get hit with Ransomware?
Schedule a FREE no obligation call today, to see how Lucca Veterinary Data Security can help keep your hospital from becoming another victim to cyber crime.