Preparedness, practice and partnerships help strengthen your Cyber Security posture
As we close out Cyber Security Awareness month we at HIROC wanted to share some insight on trends we’re seeing. The COVID-19 pandemic has demonstrated the importance of having a strong cyber security posture for all organizations. Since March 2020, we have observed cyber criminals exploiting the pandemic for their financial gain. In particular, consequences associated with ransomware attacks over the last couple of months infiltrating healthcare, government, charitable and other private sector organizations.
The Netwalker ransomware, for example, has been recently attributed to prominent cyber-attacks in Canada. The Netwalker, similar in behavior to the other ransomware, encrypts all devices, leaving all applications, files and data inaccessible by users. The ransomware also leaves a ransom note containing instructions on paying the ransom to recover the encrypted environment. The cyber division of the Federal Bureau of Investigation (FBI) reported that Netwalker ransomware was seen spreading through a script attached to COVID-19 themed phishing emails that executed when opened.
Exploiting your vulnerabilities
Although the sophisticated cyber-attacks aim to exploit vulnerabilities found in information technology infrastructures, such as unpatched or unsupported firewalls, network appliances, web applications, and other devices, phishing emails are the easiest and unsophisticated method of infiltration.
HIROC’s proactive approach in supporting Subscribers has resulted in a number of alerts being sent out to subscribers this year. For example, alerts were sent out in relation to phishing email attacks which could result in misdirected payments or funds and ransomware attacks.
Additionally, cyber criminals have been publishing sensitive data stolen during infiltration periods prior to deploying ransomware attacks. In such situations, ransom payments are demanded to erase the published data. This further demonstrates the sophistication of cyber-attacks and the inability of organizations to easily recognize criminals lurking and prowling in their environment.
Building a cyber security community
The Reciprocal model revolves around partnerships and HIROC strives to share knowledge with Subscribers – all with the goal of partnering to create the safest healthcare system. Most recently, HIROC partnered with CyberClan to strengthen the base of knowledge around cyber security.
In the spirit of knowledge sharing and as a way to help kick-start conversations at your organization with respect to your cyber security program, HIROC and CyberClan created a list of things to consider:
- Map your attack surface. Have you identified all your systems and devices that are used by your organizations and staff members?
- Manage your vulnerabilities. Do you have a process to identify your vulnerabilities? How does your patch management program align with industry standard practices? Do you give importance to security patches? If you have unsupported operating systems, how do you protect them and protect your network?
- Understand your security systems. What type of security tools and technology are you using? How often do you update them? Does the protection apply to the entire network?
- Protect risks associated with human resources. What type of employee awareness training program do you have in place? Do you invest in focused training by type of job function (e.g. advanced security training for information security staff members)?
- Build resilience. Do you have a data backup and recovery program? Are your backups isolated and off-site? Do you run disaster and system recovery tests and incident management table top exercises? Do you have a cyber incident recovery plan (i.e. playbook)?
- Report suspected cyber related incidents to HIROC right away by contacting Marnie MacPhee, Director of Claims at firstname.lastname@example.org or HIROC’s Claims Department at email@example.com.
If you have any questions or would like to connect to discuss your cyber security preparedness, please contact Kopiha Nathan, firstname.lastname@example.org.
- Cyber Risk Management Guide, HIROC, 2018
- Key measures for preventing and mitigating cyber-attacks and ransomware, HIROC, 2018
- CyberClan Podcasts
- Flash alert, Federal Bureau of Investigation, Cyber Division, July 2020
- Ransomware: How to Prevent and Recover, Canadian Centre for Cyber Security, Government of Canada, September 2019
By Kopiha Nathan, Privacy and Compliance Officer, HIROC