Connect with us

Hi, what are you looking for?

Tech & Science

Ransomware used to target reproductive health clinic

Businesses must shore up their defenses, particularly for sensitive data.

Image: © AFP/File Fred TANNEAU
Image: © AFP/File Fred TANNEAU

A recent data breach announced affected the company Planned Parenthood LA. The firm stated that sensitive data was exposed following a ransomware attack towards the end of 2021. Ransomware is a type of malware that infects systems and files, rendering them inaccessible until a ransom is paid.

At risk is clinical data relating to patients and with what has fallen into the hands of the perpetrators. Planned Parenthood LA is one of the largest providers of comprehensive, reproductive health care services in Los Angeles County.

Private healthcare has become a popular target for ransomware gangs. Healthcare institutions hold large amounts of data that can be encrypted and it is relatively easy to impact a healthcare provider’s ability to operate.

Private healthcare, in the for-profit sector, also tends to have funds to pay the ransom (at least criminal gangs are of this view). Sometimes the personnel tasked with IT security as not as tech-savvy compared with other industries, consequently providing more loopholes for those seeking to exploit vulnerabilities.

This incident highlights the need for a better approach to ransomware protection, as Gary Ogasawara, CTO, Cloudian tells Digital Journal. This is especially as the public cloud remains the most common point of entry for ransomware and this is a service that many businesses utilize.

According to Ogasawara we can take from this latest attack a sign that criminal groups are becoming more relentless. As Ogasawara points out: “As ransomware attack strategies become increasingly sophisticated and often result in data theft and exploitation, businesses must shore up their defenses, particularly for sensitive data.”

As an example of how prepared firms are or are not, Ogasawara points to: “A recent survey of those that experienced an attack found that 49 percent had perimeter defenses in place at the time of the attack, but ransomware still penetrated. This means organizations need to move beyond such traditional defenses to protect their data.”

In terms of the types of preventative strategies businesses need to be considering, Ogasawara recommends: “When it comes to sensitive data in particular, encrypting data both in flight and at rest is essential to keep cybercriminals from reading it or making it public in any intelligible form.”

In addition, and most importantly, Ogasawara states: “Organizations should have an immutable (unchangeable) backup copy of their data which prevents such criminals from altering or deleting that data and ensures the ability to recover the uninfected backup copy in the event of an attack, without paying ransom.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Life

Semi trucks drive along Interstate 70 near Booneville, Missouri on Nov. 1, 2011. KOMUnews/Anna Burkart. CC SA 2.0.Hundreds of B.C. truckers took to the...

Business

At Acumatica Summit 2022, the cloud ERP leader announced updates to its future-proof platform and new paths toward success.

World

Russia is insisting on a return to a status quo which can no longer exist, even in theory.

Life

A man enters the Regeneron Clinic at a monoclonal antibody treatment site in Pembroke Pines, Florida, on August 19, 2021. The manufacturers of the...