The U.S. and other nations worldwide have pledged to combat ransomware and promote proper cyber hygiene. President Biden met virtually with other world leaders on October 13 and 14 to address the growing problems caused by ransomware attacks.
Recent attacks against important infrastructures and healthcare organizations increased dramatically over the past few years. The government believes that collaboration and a strong response are key to blocking data breaches and encouraging solid cybersecurity practices.
A ransomware epidemic
Ransomware is malware (or malicious software) used to deny a victim access to a system until a ransom is paid. Victims typically download malware through phishing emails that include malicious attachments or fraudulent links.
Email is the most accessible threat vector (or entry point) into any system. A simple click can give a hacker access to data for ransom.
Such cyberattacks have disrupted so much that some describe the current onslaught as a ransomware epidemic. Ransomware attacks can halt an organization’s operations and cause a ripple effect of problems.
As stated in the White House press release for the October meetings,
From malign operations against local health providers that endanger patient care, to those directed at businesses that limit their ability to provide fuel, groceries, or other goods to the public, ransomware poses a significant risk to critical infrastructure, essential services, public safety, consumer protection and privacy, and economic prosperity.
Healthcare and ransomware
And unfortunately, a disruption of critical services is just one of several reasons that covered entities are more likely to pay a ransom.
RELATED: To pay or to not pay for stolen data
Government response and intervention
Sadly, the aftermath of a ransomware attack can be difficult for many organizations to resolve. This is why the U.S. government has ramped up its involvement in ransomware attacks.
In fact, the U.S. government elevated the threat level of ransomware, giving it a similar priority as terrorism to ensure centralized coordinated investigation and mitigation. And in the summer, President Biden signed an executive order and wrote a National Security Memorandum to announce action to protect critical infrastructure.
Recently, representatives of over 30 nations met to discuss the growing threat:
|Czech Republic||Dominican Republic||Estonia||European Union|
|Poland||Republic of Korea||Romania||Singapore|
|United Arab Emirates||United Kingdom||United States|
National Security Advisor Jake Sullivan was quoted saying that those invited “recognize the urgency of the ransomware threat.” Countries known for hosting nation-state threat actors, like Russia and China, were left off the list.
The approach of the collaboration was three-fold: improve network resilience, address financial mechanisms, and disrupt the ransomware ecosystem. As stated in the press release, “A nation’s ability to effectively prevent, detect, mitigate and respond to threats from ransomware will depend, in part, on the capacity, cooperation, and resilience of global partners, the private sector, civil society, and the general public.”
Accordingly, the entire process will take a concerted effort to block ransomware operations through diplomatic efforts.
Cybersecurity best practices
No actual mitigation strategies were provided at this stage. But several U.S. security agencies have recently released guidance on safeguarding personally identifiable information (PII) and PHI.
The U.S. Health and Human Services Office of Civil Rights recently shared some of these guides as resources for healthcare providers. In general, a strong cybersecurity program must include layers of:
- Employee awareness training
- Up-to-date and consistent policies and procedures
- Strong technical and physical access controls
- Patched and updated systems and devices
- Clear recovery and backup plans
Paubox Email Suite Plus
It offers strong inbound security features that stop threats like phishing, ransomware, spam, display name spoofing, and more. Our solution also offers a new, patent-pending security feature, Zero Trust Email, which insists on another layer of verification before any email is delivered.
In a recent statement, President Biden said,
We must lock our digital doors . . . and we must build technology securely by design, enabling consumers to understand the risks in the technologies they buy. Because people—from those who build technology to those to deploy technology—are at the heart of our success.