Authentication failure blamed for Change Healthcare ransomware attack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

George Glass, associate managing director, Kroll Cyber Risk, said, “Unless the organisation is using a sizable team of security professionals, this can leave significant gaps in a healthcare organisation’s capability to detect and respond to threat actor intrusions.”

Glass continued: “When dealing with ransomware actors, time to respond and remediate can make all the difference between a malware event to ransomware, encryption for impact and data exfiltration, which can take place in a matter of hours.”

Legacy technologies in hospital environments may also be a factor in increasing risk.

“The use of operational technologies in healthcare environments can mean out-of-date operating systems and protocols to support them. This can enable threat actors to make lateral movements more easily,” he said.

UHG boss Andrew Witty is due to testify about the breach in a Congressional hearing on May 1.


Click Here For The Original Source.


National Cyber Security