The recent ransomware attack on two regional Victorian hospital networks is a critical reminder of the increasing sophistication of specialist hackers – who see remotely-located health networks as easy targets for their use of often dated technology.
Health networks in regional areas often spend a huge amount of time, energy, and resources reacting to incidents like the cyber-attack that hit the Gippsland Health Alliance and the South West Alliance of Rural Health on 30 September. These networks are small, widely dispersed and under significant pressure due to disparate, siloed tech repositories. They were very carefully targeted for exactly this reason, by savvy cybercriminals who are no longer relying on a scattergun approach but investing their time in strategic, identified attacks.
Datto’s latest Global State of the Channel Ransomware Report shows that ransomware remains the most prominent malware threat to SMEs and that traditional cybersecurity solutions like antivirus and email/spam filters are no match for modern cyber attackers. Health networks top the list of sectors that reported the most data breaches in the OAIC’s latest Notifiable Data Breaches quarterly report – and the frequency of these attacks is set to increase as the threat landscape continues to evolve.
So, how do we help these smaller networks become more cyber resilient, without taking away from their community focus?
First and foremost, there need to be clear directives from governments in line with their policies on paying ransomware to unlock constituent data. This is essential, because when an incident of this scale affects a regional facility team or local council that lacks the cyber qualifications to deal with it appropriately, they will look to the government as the first port of call for advice and support.
Secondly, to mitigate external threats associated with IT and cyber-attacks and keep their focus on the local community, health networks in remote areas should be outsourcing their IT to managed service providers (MSPs) that specialise in data protection and IT system security optimisation, and who have a sound understanding and expertise in the complex, fluid security landscape. MSPs deliver ongoing monitoring and management of applications and infrastructure remotely and take a proactive approach to their customers’ IT so they can prevent most tech issues before they happen.
Our recently released Ransomware Report shows that in Australia and New Zealand, 91 per cent of managed service providers have reported attacks against SMEs in the last two years – the highest rate globally.
A coordinated approach is imperative to address this threat. State governments must ensure provisions are in place to better protect our regional facilities against future attacks, and facilities themselves must consider proactively outsourcing their cyber protection and backup operations so they can continue to focus on community care.
James Bergl, CompTIA ANZ Channel Community executive council member and director of sales, APAC, Datto, Inc.