Today, kidney dialysis provider DaVita disclosed that it was hit with a ransomware attack that encrypted certain elements of its network.
Erich Kron, security awareness advocate at KnowBe4, commented:
“Ransomware attacks such as this against healthcare facilities can cause significant issues for current and past patients. While the release does not currently mention a theft of data, it is extremely common for that to occur alongside the encryption component. This means patients should keep an eye open for future notifications from DaVita related to their data being breached or for unusual credit transactions being attempted. Ransomware groups often plan these attacks to fall over weekends or during holiday times with the hope that response times by the victim organization will be slower than during the week. Since many people are less easily contacted over the weekends, or may be unavailable, this slowdown in response can allow the attackers to steal and encrypt more data, which gives them more leverage in ransom negotiations than they might be able to take advantage of during the work week.
“When these attacks occur in medical facilities, it can lead to significant issues for patients of the organization. Not only can services be canceled or delayed, with the usual computerized systems offline, there is an increased chance of human error being introduced into the processes, especially if the employees are not used to working with the manual methods that organizations often must fall back to during a ransomware event.
“Organizations that might be subject to ransomware events such as this should ensure they have a robust human risk management program in place, good backups that have been tested, and data loss prevention controls deployed to limit the amount of, or completely stop, the exfiltration of data. In addition, organizations should have a plan in place to deal with emergencies that happen after hours or during holidays and weekends, and the plan should be tested on a regular basis.
This might sound familiar, but healthcare is one of those sectors that really requires a cash infusion to stop this sort of thing from happening. And I will keep saying that until this is addressed because this is getting out of hand.
Like this:
Like Loading...
Related
This entry was posted on April 14, 2025 at 12:47 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Kidney Dialysis Provider DaVita Reports Ransomware Attack
Today, kidney dialysis provider DaVita disclosed that it was hit with a ransomware attack that encrypted certain elements of its network.
Erich Kron, security awareness advocate at KnowBe4, commented:
“Ransomware attacks such as this against healthcare facilities can cause significant issues for current and past patients. While the release does not currently mention a theft of data, it is extremely common for that to occur alongside the encryption component. This means patients should keep an eye open for future notifications from DaVita related to their data being breached or for unusual credit transactions being attempted. Ransomware groups often plan these attacks to fall over weekends or during holiday times with the hope that response times by the victim organization will be slower than during the week. Since many people are less easily contacted over the weekends, or may be unavailable, this slowdown in response can allow the attackers to steal and encrypt more data, which gives them more leverage in ransom negotiations than they might be able to take advantage of during the work week.
“When these attacks occur in medical facilities, it can lead to significant issues for patients of the organization. Not only can services be canceled or delayed, with the usual computerized systems offline, there is an increased chance of human error being introduced into the processes, especially if the employees are not used to working with the manual methods that organizations often must fall back to during a ransomware event.
“Organizations that might be subject to ransomware events such as this should ensure they have a robust human risk management program in place, good backups that have been tested, and data loss prevention controls deployed to limit the amount of, or completely stop, the exfiltration of data. In addition, organizations should have a plan in place to deal with emergencies that happen after hours or during holidays and weekends, and the plan should be tested on a regular basis.
This might sound familiar, but healthcare is one of those sectors that really requires a cash infusion to stop this sort of thing from happening. And I will keep saying that until this is addressed because this is getting out of hand.
Share this:
Like this:
Related
This entry was posted on April 14, 2025 at 12:47 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.