Author: Max Vetter

Comment on Costa Rica Public Health Service Ransomware Attack by Max Vetter

As ransomware gangs continue to target Costa Rica with a vengeance, it is perhaps unsurprising that, following a HIVE ransomware attack, all computer systems on its public health service were taken offline. Attackers gained access to its network in the early hours of Tuesday morning. Employees were allegedly told to shut down their computers and unplug them from the networks amidst the ensuing havoc.

This response could hint at the unpreparedness of organisations that have limited plans in place should a cyber attack hit. Ransomware attacks are what we refer to as ‘wicked problems’ – ones with no clear ‘right answer’. This is the reason that recent research by Immersive Labs highlights that 18% of government organisations resort to paying the ransom in attack simulations. The healthcare sector is particularly vulnerable to ransomware, partly due to the sensitive nature of the data it holds. But in our research, it was the worst performing industry in terms of cyber crisis response by some margin, with a score of just 18%. This needs to change.

Cybersecurity is no longer an issue for IT teams alone; remaining resilient in such a high-paced threat environment requires the optimisation of human cyber knowledge, skills, and judgement across the entire organisations when it comes to preparing for, responding to, and remediating against cyber threats. When it comes to crisis planning, all departments should be rolled into incident response plans from the start – and not left as an afterthought. Had this been the case here, the consequent chaos and shutdown of operations could have been reduced if not prevented entirely.