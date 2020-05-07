Fresenius Hit By Ransomware – Expert Insight

Fresenius, Europe’s largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber-attack on its technology systems. The company said the incident had limited some of its operations, but that patient care continues.

EXPERTS COMMENTS
Jamie Akhtar, CEO and Co-founder,  CyberSmart
May 07, 2020
The World Health Organisation has reported a five-fold increase in attacks over the last two months.
There has been an enormous spike in cyber-attacks since the beginning of the coronavirus epidemic. And the healthcare industry, already stretched and now even more overwhelmed and distracted, is a prime target. The World Health Organisation has reported a five-fold increase in attacks over the last two months. It is critical that healthcare organisations prioritise security right now as a breach c ....
Javvad Malik, Security Awareness Advocate,  KnowBe4
May 07, 2020
The attack serves as a reminder that criminals are not slowing down their attacks despite being in the midst of a global pandemic.
It's unfortunate that even during times of the pandemic, criminals are attacking and crippling systems belonging to hospitals and other medical facilities. The attack serves as a reminder that criminals are not slowing down their attacks despite being in the midst of a global pandemic. In many cases, some are ramping up their activities. Therefore it's important for organisations to not slow dow ....
David Jemmett, CEO,  Cerberus Sentinel
May 07, 2020
As expected, the purported ceasefire on healthcare providers by ransomware operators has proven short-lived.
As expected, the purported ceasefire on healthcare providers by ransomware operators has proven short-lived. Rather than being rooted in any sort of altruism, the attackers were simply waiting for the optimum time to strike: when Fresenius was under immense strain as it attempted to meet the demands onset by the COVID-19 pandemic. This should act as a lesson to other healthcare providers and indus ....
Ilia Kolochenko, Founder and CEO,  ImmuniWeb
May 07, 2020
Unless the details of the attack investigation are disclosed, it would be premature to make any definitive conclusions.
This outrageous incident is a colorful validation of the FBI’s warning not to pay ransom. Reportedly, Fresenius has already paid a 7-digit ransom in the past to recover from a similar attack. Obviously, such a generous payment did not leave unscrupulous cybercriminals indifferent. Instead they quickly exploited the windfall and perfidiously re-raided this susceptible victim amid the crisis. Bein ....
Professor Oleg Kolesnikov, VP of Threat Research ,  Securonix
May 07, 2020
While the attack behaviours used by the malicious ransomware payload itself are fairly trivial, the golang-based payload encryption process.
In our experience, one of the things that sets the "snake/ekans" malicious threat actor reportedly involved in the Fresenius ransomware attack apart is a relatively high amount of manual effort/targeting typically involved in the operator placement activity, which can sometimes enable them to have a bigger impact on the victims. With some of the recent attacks observed, it appears that the malicio ....
Bob Rudis, Chief Data Scientist,  Rapid7
May 07, 2020
Organisations should apply the same logic they would to any incoming request for link clicking, document downloading, or charitable giving.
With Covid-19 pressing down upon us, we are again reminded of how critically important it is to secure our devices and networks so we can avoid impacting our currently over-strained hospital care environments further. These types of ransomware campaigns prey upon the fear, generosity and curiosity of the chosen victims to gain access to something of value, be it banking credentials or your device ....
Kelvin Murray, Senior Threat Research Analyst,  Webroot
May 07, 2020
COVID-19 will not stop hackers, but now is a good time for all organisations to review their incident plans and to update them as needed.
An increase in attacks targeting healthcare organisations suggests that hospitals are definitely one of the top targets for cyber-attacks at the moment. Clearly, COVID-19 is allowing cybercriminals to gain a higher rate of return by targeting healthcare providers because they firmly believe that organisations will pay their way out of an attack when under high-pressure factors. As the services t ....
