Ransomware groups are increasingly targeting healthcare institutions through remote access systems, compromising patient data and shutting down facilities. Users of these systems include remote employees, physicians, radiologists, and vendors. Recommendations by patient safety organization, ECRI, include secure configuration of remote systems, auditing logs and traffic from these systems and the creation of incident response plans. Paying a ransom is not advised as it incentivizes more attacks and does not guarantee system recovery.

The NHS needs to tighten its third-party supplier cybersecurity
The NHS should proactively fortify cybersecurity within its third-party software suppliers following recent damaging ransomware attacks, says Jonathan Lee from Trend Micro. He suggests implementing