Healthcare Giant Grapples with Ongoing Cyber Attacks
Even after facing multiple cyberattacks, a Fortune 500 healthcare company still hasn’t gained consciousness to secure its data. We found it hard to believe at first given its creditable reputation. This company operates in 32 countries and has a revenue of over $12 billion back in 2022. It is the largest global distributor of healthcare products and services and it operates through a centralized and automated distribution network, thus optimizing its distribution process, and it serves more than 1,000,000 customers.
Despite its roaring success, this company faced back-to-back attacks starting in mid-October and again just a month after. Twice. It experienced a ransomware cyberattack, which was all carried out by BlackCat, also known as ALPHV or Noberus. If you’re not familiar with BlackCat, it is a group of hackers who have claimed more than 1,000 victims around the world by infiltrating their computer networks. This ransomware forced them to take their systems offline and temporarily shut down some of its apps and their e-commerce platform.
BlackCat only wants one thing out of this: money. They are known as the second most prolific ransomware-as-a-service variant and have collected millions of dollars worldwide. This has garnered their attention and they now have a target on their backs by foreign law enforcement. The solution here is simple: this healthcare company should hire the best cybersecurity specialists to administer risk assessments and conduct pen-testing to assess the effectiveness of their security measures. Our team at Reaper Forensics can help with all that. Through our Governance, Risk, and Compliance (GRC) Services, we can determine the risk management strategies to take to address the potential threats and vulnerabilities of the network. We would also recommend doing pen-testing, or penetration testing, once a year, especially in cases like this, where we will simulate real-world cyberattacks, so if anything happens, the company would know how to handle it. Afterward, we will provide detailed reports on the system’s vulnerabilities as well as give recommendations to strengthen your security. What happened to this healthcare company should serve as a lesson for any other companies in the industry that it’s better to prioritize security rather than prolong the risk.
Source: