Mailing and printing services vendor OneTouchPoint disclosed a ransomware attack impacting at least 38 healthcare organizations. The attack compromised the personally identifiable information stored in their systems including customer names, addresses, birth dates, service description, diagnosis codes, member identification and health assessment information.
JP Perez-Etchegoyen, CTO at Onapsis, weighed in on this latest news and what organizations can do to protect themselves from this type of attack.
"Although it is unknown whether or not the attacker’s intent was to target this mailing and printing services vendor because of their services to healthcare organizations, it is safe to say that healthcare is a highly targeted industry because of the valuable information it stores in its systems, and this tactic of targeting vendors and suppliers is a growing trend. The value of information housed within IT databases of healthcare organizations, as well as the degree of vulnerability that comes along with patients dependent on these organizations for care, bring these kinds of cyberattacks from bad to worse.
Fully securing IT systems is the first step in defending businesses against ransomware. First, organizations must cover the basics by having secure connectivity, MFA, and SSO. MFA offers an extra layer of security, requiring users to provide at least two forms of authentication. In combination with MFA, single sign-on can increase password strength and provide a more streamlined experience by allowing users to log in using an already trusted third-party verification.
Avoiding opening suspicious email attachments and keeping systems and applications patched and updated are also critical to protecting against these attacks-- regularly updating computer programs, operating systems, and applications help protect against threat actors. Additionally, integrating existing systems with new processes and developing plans for a proactive approach to securing the organization’s critical systems add another level of protection against cyberattacks. Organizations need a ransomware plan that goes beyond the scope of just protecting endpoints, backing up files, and hoping for the best-- they should leverage the powerful native security capabilities of modern software technology and establish the right risk-based patch, code, and vulnerability management processes to stay ahead of ransomware groups."