Following the news that the WannaCry attack cost the NHS £92 million, Mollie MacDougall, Threat Intelligence Manager at Cofense, briefly discusses the importance of employees as the last line of defence against cyber-attacks.
Ransomware is still a very potent threat to organisations of all sizes and phishing has been a very viable delivery mechanism for ransomware attacks. The NHS has increased infrastructure investment to £60m this year, but if that investment is focused solely on technology solutions, regular back-ups, anti-virus software and wider security technology, it will not be enough – as many phishing emails have the ability to bypass these technologies and land in a user’s inbox.
By training and conditioning employees to recognise and report suspicious emails, organisations have a much better chance of stopping active attacks in progress instead of relying on technology alone to do so.
While there are many checkboxes organisations must check to defend against ransomware attacks, employees are an invaluable last line of defence. When properly trained to recognise and report suspicious emails, your network users directly aid security operations and incident response teams with valuable intelligence needed to actually stop the attack in progress.
The healthcare industry is at high risk for cyberthreats and especially ransomware attacks, as interrupted access to their systems can have dangerous and even life-threatening consequences for patients. According to the findings in our recent study, which takes a closer look at phishing in the healthcare industry, the sector lags behind twenty other major industries when it comes to resiliency in identifying phishing attacks.
If there is one lesson healthcare organisations can learn from these trends, it is to have appropriate anti-phishing programs in place that build on existing security capabilities, including augmenting incident response efforts with real-time human intelligence.
Phishing keeps proving itself to be a successful vehicle for delivering damaging malware like ransomware, and as threat actors continue to find ways to bypass automated defences, so too must network users be educated and armed to be a successful last line of defence against them.