When it comes to lowlife acts, it’s hard to get any lower than attacking hospitals with ransomware during a pandemic.
Yet, that’s exactly what happened earlier this week when UnitingCare Queensland’s hospitals and aged care centres were taken offline. While UnitingCare works to restore IT systems, there are some important lessons in this attack for organisations across Australia.
First of all, any organisation that falls victim to a cyberattack is just that – a victim.
Unfortunately, ransomware attacks are one of the risks of living and working online and there is no silver bullet to stop 100 per cent of cyber-attacks.
The challenge is that the fight against cyber attackers is asymmetric. An organisation needs to stop all attacks to be successful, while a hacker only needs one malicious email to be clicked to completely compromise a business.
Secondly, nothing is off limits to hackers.
This is not the first time Australian healthcare providers have been caught in the crosshairs. In August last year, the Australian Cyber Security Centre issued a warning that a ransomware campaign was actively targeting Australia’s health and aged care sectors.
Anglicare Sydney and Regis Healthcare, both aged care providers, were hit with ransomware in the midst of dealing with the pandemic. The calculation cyber attackers make when targeting such essential services is that because they provide critical care, they can’t afford to be offline, and are therefore more likely to pay the ransom to regain access to their data and systems.
Finally, the ability to recover rapidly is the best strategy to ensure business continuity against these insidious attacks.
The Australian Cyber Security Centre recommends organisations back up their critical data at least daily to ensure operations can restart quickly following a ransomware attack. The more frequently data is backed up, the more rapidly you can recover without having to pay attackers the ransom – which recent research suggests is AUD$1.25 million on average.
With a comprehensive backup strategy, businesses can simply turn back the clock and restart operations from a ‘save point’ before the attack.
While the price tag is eye-watering, the ransom isn’t the worst of it. These attacks are so devastating because they can take organisations offline for weeks while they try to recover. Consider how much revenue a business loses each day it can’t operate, or how many patients are put at risk when a hospital can’t function. That is the true cost of ransomware.