Connect with us

Hi, what are you looking for?

Tech & Science

Ransomware used to target reproductive health clinic

Businesses must shore up their defenses, particularly for sensitive data.

Image: © AFP/File Fred TANNEAU
Image: © AFP/File Fred TANNEAU

A recent data breach announced affected the company Planned Parenthood LA. The firm stated that sensitive data was exposed following a ransomware attack towards the end of 2021. Ransomware is a type of malware that infects systems and files, rendering them inaccessible until a ransom is paid.

At risk is clinical data relating to patients and with what has fallen into the hands of the perpetrators. Planned Parenthood LA is one of the largest providers of comprehensive, reproductive health care services in Los Angeles County.

Private healthcare has become a popular target for ransomware gangs. Healthcare institutions hold large amounts of data that can be encrypted and it is relatively easy to impact a healthcare provider’s ability to operate.

Private healthcare, in the for-profit sector, also tends to have funds to pay the ransom (at least criminal gangs are of this view). Sometimes the personnel tasked with IT security as not as tech-savvy compared with other industries, consequently providing more loopholes for those seeking to exploit vulnerabilities.

This incident highlights the need for a better approach to ransomware protection, as Gary Ogasawara, CTO, Cloudian tells Digital Journal. This is especially as the public cloud remains the most common point of entry for ransomware and this is a service that many businesses utilize.

According to Ogasawara we can take from this latest attack a sign that criminal groups are becoming more relentless. As Ogasawara points out: “As ransomware attack strategies become increasingly sophisticated and often result in data theft and exploitation, businesses must shore up their defenses, particularly for sensitive data.”

As an example of how prepared firms are or are not, Ogasawara points to: “A recent survey of those that experienced an attack found that 49 percent had perimeter defenses in place at the time of the attack, but ransomware still penetrated. This means organizations need to move beyond such traditional defenses to protect their data.”

In terms of the types of preventative strategies businesses need to be considering, Ogasawara recommends: “When it comes to sensitive data in particular, encrypting data both in flight and at rest is essential to keep cybercriminals from reading it or making it public in any intelligible form.”

In addition, and most importantly, Ogasawara states: “Organizations should have an immutable (unchangeable) backup copy of their data which prevents such criminals from altering or deleting that data and ensures the ability to recover the uninfected backup copy in the event of an attack, without paying ransom.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Business

Sixty percent of enterprises say that change management programs are "no longer fit for purpose."

Tech & Science

New research on Antarctica doubles the previous estimates of loss from ice shelves and details how the continent is changing.

World

Thousands marched in Brazil in 'defence of democracy' - Copyright AFP Thibaud MORITZThousands of Brazilians took to the streets of Sao Paulo Thursday in...

Business

It's not too late for a road trip: The US average price of gasoline at the pump has finally fallen below $4.00 a gallon.