“Adam” writes:
My name is Adam, and I’ve worked in the healthcare industry for over 15 years. In my current line of work, I assist healthcare facilities across the U.S. with their overall cybersecurity posture, ranging from physical and technical security controls to security incident response in conjunction with disaster recovery and business continuity planning.
My scope of work is quite broad, however, I’m here today to address the state of healthcare relative to ransomware.
In many cases, it has been determined that threat actors were inside a healthcare organization’s network for months or even years before setting their malicious code loose. To help ensure payment is made, some threat actors will delete backup data and encrypt the remaining data, thus making it almost impossible for the organization to recover from the situation on their own. At that point, the business is kneecapped and they are at the attackers’ mercy.
Why does this continue to happen?
Read more on HelpNetSecurity.