THE CYBERSECURITY 202: A NONPROFIT IS PROVIDING FREE RANSOMWARE PROTECTION TO PRIVATE U.S. HOSPITALS

Ransomware attacks against hospitals have dramatically spiked during the coronavirus pandemic. The ransomware “epidemic,” as it was recently described by Homeland Security Department Secretary Alejandro Mayorkas, has made the issue a key focus for both cybersecurity nonprofit organizations and government agencies.



As a part of the effort to combat the rise in attacks, nonprofit group Center for Internet Security (CIS) this month launched a free ransomware protection service for private U.S. hospitals.

The Malicious Domain Blocking and Reporting Service (MDBR) uses security services from Akamai to proactively look for traffic from domains associated with malicious activity, including ransomware attacks. If it detects a malicious domain trying to connect with hospital networks, the software blocks the connection.

The tool isn't a panacea; it won't stop more sophisticated hackers seeking to target a particular institution. But it can decrease the risk of hackers succeeding in simpler attacks against embattled hospitals during the pandemic, such as phishing emails that trick employees into clicking malicious links.

Ransomware attacks can be launched against any institution, and they're mainly done for money. But they pose potentially life-or-death consequences inside hospitals already under tremendous strain.

The free software program is targeted at underfunded hospitals in the United States lacking their own basic cybersecurity services, says Ed Mattison, executive vice president of CIS operations and security services.

“Cybersecurity is always a hard sell because success in cybersecurity is that you spend money on products and services and then something doesn't happen,” says Mattison. “And so it's very hard for cybersecurity professionals to get the funding and the budgets they need.”

In 2019, health-care providers spent just five percent of their information technology budgets on security, according to research from Gartner.

The project, which is funded by CIS directly, builds off the success of a federally funded pilot project launched through CIS with funding from the Multi-State Information Sharing and Analysis Center, a private-public partnership.

The pilot program last year provided ransomware prevention tools to state and local government organizations. The program covers more than 1,000 government organizations, including election infrastructure, public health organizations and K-12 schools. Since the program began, the service has blocked more than 748 million attempts by malicious domains, CIS says. In December alone, it blocked nine domains tied to ransomware criminals from public health organizations using the service.

Andrew Maurer, a systems architect at Madelia Community Hospital and Clinic, which has been using the service since November, called the domain-blocking tool “painless to implement.”

“It just works, and in IT that's a rare thing to say,” he says. The software detected almost 3,000 malicious domain server requests in just its first week, Maurer noted.

To view the original article: https://www.washingtonpost.com/politics/2021/03/02/cybersecurity-202-nonprofit-is-providing-free-ransomware-protection-private-us-hospitals/?utm_campaign=wp_the_cybersecurity_202&utm_medium=email&utm_source=newsletter&wpisrc=nl_cybersecurity202