- While ransomware attacks continue to preoccupy the minds of healthcare IT security pros, a new threat is emerging—cryptocurrency mining.
Not as devastating as ransomware, cryptocurrency mining malware can still degrade system performance and cause vital healthcare IT systems to slow down or even shut down due to the enormous processing power the malware uses to mine cryptocurrency.
According to a survey of 2,366 IT security pros who are members of the IT security professional association ISACA, cryptocurrency mining attacks are on the rise, while ransomware attacks are declining. The survey included more than 140 healthcare IT security pros.
In last year’s survey, 62 percent of respondents experienced a ransomware attack, compared to 45 percent this year.
Eighty-two percent of respondents said that their enterprises now have ransomware strategies in place, and 78 percent said they have a formal process, up 25 points from last year.
“The ubiquity of ransomware defenses, coupled with the general unwillingness of enterprises to pay ransoms, appears to have precipitated a steep decline in ransomware relative to prior years,” ISACA noted in ISACA’s State of Cyber Security 2018 Part 2 report about the survey results.
ISACA noted that cryptocurrency mining malware can operate without direct access to the file system, making it harder to detect.
“Because cryptocurrency mining malware can operate and generate value for an attacker without access to a victim’s host filesystem, the method of detection employed by the enterprise may require adjustments,” ISACA observed.
“Enterprises may want to investigate the degree to which existing controls, such as antimalware tools and products, operate in a fileless malware context,” the report added.
Half of the respondents said that they have seen an increase in cyberattack volumes compared to last year, and 80 percent said they are likely or very likely to be attacked this year.
Despite the increase in cyberattack volumes, techniques employed by attackers, such as phishing, malware, and social engineering, remained relatively constant, the survey found.
“The decrease in ransomware attacks, coupled with the steady state of phishing, malware and social engineering, hint at one of the basic truisms of cybersecurity – the greatest weakness in organizations is often its individuals,” observed ISACA Director of Cybersecurity Frank Downs in a blog post.
“Proven attack tools, such as phishing, social engineering, and malware, are here for the long-haul. As long as individuals do not practice appropriate cybersecurity hygiene, they will remain the main attack methods for malicious actors who are attempting to defraud organizations,” wrote Downs.
In addition, motivation hasn’t changed. Money is still the primary motivation for most cyberattacks.
The ISACA survey also found that 39 percent of respondents are not at all familiar or only slightly familiar with active defense strategies, such as using honeypots and sinkholes. Of those who are familiar with active defense strategies, only half are using them.
“This is a missed opportunity for security leaders and their organizations,” said Downs. “ISACA’s research indicates that active defense strategies are one of the most effective countermeasures to cyberattacks. A full 87 percent of those who use them indicate that they were successful.”
To combat the increase in cyberattacks, ISACA recommended that organizations consider the following measures:
Invest in talent—With attacks still on the rise, enterprises must continue to invest in finding, retaining, and training skilled cybersecurity professionals.
Explore automation benefits—Enterprises should consider automation-driven strategies and tools for detection and to support recovery and response efforts.
Invest in security controls—With attack vectors not changing, existing control types are still valid and useful. Enterprise investment and attention to security controls should increase in line with the frequency of attack vectors.
“Attacks are becoming more prevalent, attackers are adapting and evolving the methods they employ, and enterprises are shifting their defense strategies in response,” ISACA concluded.