The ransomware group, DarkSide, has been getting a lot of attention due to their attack that caused the Colonial Pipeline to shut down over five thousand miles of pipe that delivers fuels to the East Coast. This has led to panic buying and gas shortages in many U.S. states that have caused other unforeseen issues.
They continue to say they are only out to make money from businesses that can afford to pay the requested amount, “we do not want to kill your business.” However, attacking organizations outside of those that can “afford it” affect much more than just the targeted organization. For instance, panic buying and gas shortages can cause transportation issues for people trying to get to work, school and healthcare appointments. DarkSide’s attack has undoubtedly affected organization’s that, based on their “principles,” should be off limits.
Our question, along with everyone else, is: who’s next? We know that hospitals and long-term care organizations rely on large scale third party vendors for a host of services. Everything from a laundry service to an MSP could be targeted. Any of these services being disrupted could have huge implications on delivering care to patients. With a large-scale solution to ransomware attacks nowhere in sight, healthcare organizations live in fear of being targeted.
Ransomware gangs need repercussions in order to reduce attacks. In a previous blog post we outline the report put forth by the Ransomware Task Force (RTF) to help combat ransomware. The report represents a great step forward in reducing ransomware. However, it is up to your organization’s security to reduce the risk of a successful attack. Proper internal, and third-party vendors’, security practices are what can prevent such a detrimental attack from taking place. By educating your users, penetration testing your environment, and having a complete security infrastructure you’ll be able significantly reduce your risk of a ransomware attack. As for third-party vendors, checking-in at least annually on security practices is a must. Most importantly, ensure third-party vendors are utilizing security best practices prior to doing business with them!