Hackers used Ransomware to Attack North-Carolina Healthcare Provider

Allergy Partners, an Asheville, N.C.-based healthcare provider, fell victim to a ransomware attack that lasted 8 days. According to reports, hackers infected Allergy Partners’ computer systems with ransomware and demanded a $1.75 million payment in exchange for giving the clinic access to its own encrypted data.

Ransomware has rapidly become the number one cyber threat to organizations globally and the effects can be disruptive and devastatingCybercriminals are using ransomware to attack organizations because they are extremely lucrative. In fact, large attacks can yield pay off’s of one million dollars or more.  Cybersecurity experts are now seeing Ransomware as a Service (RaaS) being developed, sold and leased on the dark web.   

Ransomware as a service (RaaS) is a new business model for ransomware developers. Ransomware developers sell or lease their ransomware variants to affiliates who then use them to perform an attack. RaaS makes non-developers or non-computer savvy individuals capable of cyber threats to individuals or organizations. This increase and availability of ransomware through RasS has expanded the threat landscape exponentially while decreasing the risk to the ransomware developers.

What Can you do to Ensure Your Organization is Protected from Ransomware?

While basic measures such as firewalls or antivirus are a good first step, they do not keep you completely protected. For example, antivirus is simply good practice and should be considered the first step in your foundational security, but it is not effective for stopping advanced security threats such as ransomware.

Endpoint Detection and Response is an effective solution to detecting malware because it doesn’t rely on a single approach, but instead, utilizes multiple methods for detecting malware and malicious actions within your network environment. EDR helps combat threats to your organization by recognizing:

  • Misuse of legitimate applications (Powershell, WMI, MSHTA)
  • File-based attacks (Microsoft Office, Adobe PDF, etc.)
  • Unwanted software (browser toolbars, PUPs)
  • Insider threats (malicious employee, compromised credentials, accidental release of data)
  • Suspicious user activity

Risk Assessment services can also be helpful in determining what gaps exist in your current cybersecurity posture. These assessments can also prioritize where to start with mitigating risks. Many assessments, like those we offer, will also provide companies with a roadmap to get to their desired level of cybersecurity and compliance.

If you’d like to learn more about how to protect your organization from ransomware or other cyber-attacks, we’d love to hear from you. Give us a call at (877)367-9348 or reach out to us here to schedule a consultation. We are a full-service award-winning managed security provider with a team of professionals with vast knowledge in our tools we provide and we are able to consult and design a plan based on your specific business needs.

Comments are closed.