Image: © AFP/File Fred TANNEAU
A recent data breach announced affected the company Planned Parenthood LA. The firm stated that sensitive data was exposed following a ransomware attack towards the end of 2021. Ransomware is a type of malware that infects systems and files, rendering them inaccessible until a ransom is paid.
At risk is clinical data relating to patients and with what has fallen into the hands of the perpetrators. Planned Parenthood LA is one of the largest providers of comprehensive, reproductive health care services in Los Angeles County.
Private healthcare has become a popular target for ransomware gangs. Healthcare institutions hold large amounts of data that can be encrypted and it is relatively easy to impact a healthcare provider’s ability to operate.
Private healthcare, in the for-profit sector, also tends to have funds to pay the ransom (at least criminal gangs are of this view). Sometimes the personnel tasked with IT security as not as tech-savvy compared with other industries, consequently providing more loopholes for those seeking to exploit vulnerabilities.
This incident highlights the need for a better approach to ransomware protection, as Gary Ogasawara, CTO, Cloudian tells Digital Journal. This is especially as the public cloud remains the most common point of entry for ransomware and this is a service that many businesses utilize.
According to Ogasawara we can take from this latest attack a sign that criminal groups are becoming more relentless. As Ogasawara points out: “As ransomware attack strategies become increasingly sophisticated and often result in data theft and exploitation, businesses must shore up their defenses, particularly for sensitive data.”
As an example of how prepared firms are or are not, Ogasawara points to: “A recent survey of those that experienced an attack found that 49 percent had perimeter defenses in place at the time of the attack, but ransomware still penetrated. This means organizations need to move beyond such traditional defenses to protect their data.”
In terms of the types of preventative strategies businesses need to be considering, Ogasawara recommends: “When it comes to sensitive data in particular, encrypting data both in flight and at rest is essential to keep cybercriminals from reading it or making it public in any intelligible form.”
In addition, and most importantly, Ogasawara states: “Organizations should have an immutable (unchangeable) backup copy of their data which prevents such criminals from altering or deleting that data and ensures the ability to recover the uninfected backup copy in the event of an attack, without paying ransom.”