ACSC (Australian Cyber Security Centre) recently released their second Annual Cyber Threat Report, providing an overview of the key cyber threats affecting Australia.
Below, we summarise some of the top threats to the healthcare sector, then discuss how we can protect your organisation and data.
Three cyber threats you need to be aware of:
- Exploitation of the pandemic environment: COVID-19 provided malicious actors with the perfect backdrop to exploit the fears of everyday Australians and health organisations. Tactics included spear-phishing emails which encouraged recipients to enter personal credentials so they could (in theory) access COVID-related information or services. For a variety of reasons, the health care sector was a favoured target to exploit.
- Disruption of essential services and critical infrastructure: Cyberattacks targeting Australia’s critical infrastructure or essential services made up around 25% of all incidents reported to ACSC. High on the attack list were services such as food distribution, energy – and yes, healthcare.
- Ransomware: It’s not news that ransomware poses one of the most significant threats to Australian organisations. ACSC reported a 15% increase in ransomware attacks over the 2020–21 financial period and the ensuing disruption of a range of sectors, including health care and social assistance.
ACSC also noted the rapid exploitation of security vulnerabilities, the targeting of , and the ongoing threat (and significant financial impact) of compromised business emails.
The good news, though, is that we’ve got you cyber-covered.
The Essential Eight and the Health IT Security Stack
To help Australian organisations protect themselves and their data from attack, ACSC developed a baseline of mitigation strategies called the Essential Eight.
The topic of Essential Eight is near and dear to our hearts – as it doubtless is to yours (see this earlier blog). So while we won’t deep dive into the detail of those strategies, we will discuss how we help you comply with ACSC’s eight recommendations with our Security Stack offering.
Security Stack includes a with enhanced detection and response, managed DNS security, application whitelisting, and other automated tools to provide real-time security alerts. When combined with our Multi-factor Authentication (MFA or 2FA) and daily backups, you can tick off all the Essential Eight mitigation strategies.
It’s not going to cost you the earth either. We’ve designed Security Stack to enable you to affordably mitigate the risk of data breach or loss, and to meet government and insurance compliance requirements introduced to reduce this risk.
So, how does our solution ‘stack’ up against ACSC’s Essential Eight?
Essential Eight – 1: Application Whitelisting – By restricting access to only approved and trusted programs, we stop unapproved and malicious programs including .exe, DLL, scripts (e.g. Windows Script Host, PowerShell and HTA) and installers in their tracks.
Essential Eight – 2: Configure MS Office Macro Settings – We prevent Microsoft Office macros from delivering and executing malicious code to your systems by only allowing vetted macros either in ‘trusted locations’ with limited write access, or those digitally signed with a trusted certificate.
Essential Eight – 3: Patch Applications – We mitigate known ‘extreme risk’ software vulnerabilities with the latest patches (or completely update the application version) within 48 hours of publication to prevent cybercriminals from exploiting your applications and executing malicious code.
Essential Eight – 4: User Application Hardening – We block malicious code delivered through Flash, ads, and Java by configuring web browsers, uninstalling Flash (recommended), and disabling at-risk features in Microsoft Office, web browsers and PDF software.
Essential Eight – 5: Restrict Administrative Privileges – We close the doors on easy access to your administrative accounts by reducing the attack surface through regular reviews and revalidation of admin privileges.
Essential Eight – 6: Patch Operating Systems – We patch and mitigate computers (including network devices) with ‘extreme risk’ vulnerabilities within 48 hours to mitigate operating system vulnerabilities.
Additional Security Products
Essential Eight – 7: Multi-factor Authentication – We roll out stronger user authentication to make it harder for your adversaries to access sensitive information and systems. Multi-factor Authentication is a simple but highly effective way to protect your data from external access.
Essential Eight – 8: Daily backups – We minimise the potential damage to your organisation in case of cyber-attack, ransomware, corruption, or loss with reliable daily backups as a minimum.
In summary, the ACSC report serves as a useful reminder of the importance of remaining vigilant, diligent, and informed. If you’re unsure that your network, systems, and client data are all well-protected, we’re happy to talk you through the benefits and options.
What does that mean? https://www.cyber.gov.au/acsc/view-all-content/glossary