Expert comment on Irish health service ransomware attack
May 2021 by Brooks Wallace, VP EMEA at Deep Instinct
The comment by Brooks Wallace, VP EMEA at Deep Instinct who has commented on the Irish Health Service ransomware attack:
“Sadly, the higher the criticality and business or human impact an attack has, the more likely the victim is to pay. Healthcare organisations are at the top of the human impact chain, but they are also very vulnerable to cyber attacks as they often don’t have significant IT security budgets to invest in the most comprehensive protection capabilities. SecOps teams are doing their best to prevent breaches but they are under constant attack from highly sophisticated threats.
The consequences of these attacks can impact healthcare workers and their patients who need treatments. These attacks can cause delays to the encrypted machines, cause the medical equipment healthcare workers use to stop working, and make potential life saving equipment inaccessible.
The SecOps teams will have to identify the ransomware. Not only will they have to triage the infected machines, but they will also need to stop the lateral spread, likely using multiple tools, and consoles but with limited resources.
The best protection against attacks such as this one is a multi-layered approach using a variety of solutions. A “prevention-first” mindset is also key - attacks need to execute and run before they are picked up and checked to see if they are malicious, sometimes taking as long as 60 seconds or more. When dealing with an unknown threat, 60 seconds is too long to wait for an analysis. Organisations need to invest in solutions that use technology such as deep learning which can deliver a sub-20 millisecond response time to stop a ransomware attack, pre-execution, before it can take hold.”