Back in December of 2021, the Maryland Department of Health suffered a ransomware attack that rendered quite a few services unavailable. Let’s take a few moments to look back at this attack to see what can be learned from it.
First, let’s consider what happened.
The Maryland Department of Health Was Taken Down by Ransomware
On December 4, 2021, the MDH experienced what they described as a “service disruption” after suffering from a “network security incident,” according to an update posted to the official Maryland Department of Health website. For your convenience, we’ve compiled the key information from this announcement for you:
- A ransomware attack successfully targeted the MDH and caused a disruption of service.
- In response, the MDH went offline to take an account of what parts of its infrastructure had been affected. At the same time, efforts were made to resume COVID-19 data reporting and to restore the impacted systems.
- As of yet, there is no indication that any health data was compromised.
- The MDH Office of Constituent Services is accepting additional questions about the event.
During the attack, however, many key services (including COVID tracking data and essential health department functions were taken down… never a good thing.
The incident was first discovered when MDH employees noticed that a server was down. This detail is important, as we’ll return to later. It has also been reported that the payment demanded through the ransomware was denied, and that the use of MD THINK (Maryland’s Total Human-services Integrated Network) allowed many of the MDH’s critical processes to continue.
In the meantime, the MDH is moving forward deliberately, taking care and time to do things right so that all the data and needed information that can be recovered is properly restored and sufficiently protected this time around.
These Events Provide Some Major Takeaways for Businesses
Ransomware Should Not Be Taken Lightly
This might be the most obvious takeaway from this event, but it still bears repeating: ransomware is a serious threat, and requires the shared effort of an entire organization to effectively mitigate. This is truly one of those “only as strong as your weakest link” moments. As ransomware often takes advantage of phishing and its many forms to sneak past your cybersecurity protections, your team needs to be on their guard against it. Educate them on how to spot potential threats and reinforce that IT is there to help them if they encounter one.
Cloud-Based Services Can Potentially Keep Your Business Afloat
The report also credited MD THINK with the Department of Health’s capability to continue many of their services. As a cloud-based service, the MDH ransomware attack didn’t influence it, which allowed some of their operations to carry on. Many modern threat actors realize that they don’t necessarily need to destroy your business’ data to hurt you… they just need to cut off your access to it. The cloud offers a way to stop that from happening, either as a backup service or as a means of isolating your essential resources from your operational location.
Your Employees Are Your Eyes and Ears Against Cyberthreats
If your business is ever targeted by ransomware, it is important to remember that it doesn’t need to target a C-level member of your organization. Ransomware can cause damage at any level, which means that everyone needs to be brought up to speed on their cybersecurity practices.
In fact, you would be best served by shifting your perspective of your employees entirely by training them to be one of your greatest defenses. A well-educated workforce will know to look for the warning signs of phishing and other signs of issues, so make sure you do what you need to do so that they can serve this purpose for your business.
You Can Trust Dresner Group to Help Protect Your Business
We’ll be an additional line of defense to help ensure your business is protected against a variety of threats. Reach out to us today to learn more about what we can do to help protect your business against ransomware and other modern threats at (410) 531-6727.