"Despite some ransomware attack groups making public statements regarding a ceasefire against organisations operating in the health sector during the COVID-19 pandemic, these organisations and sectors have continued to experience cyber-attacks. Attacks originate from threat actor groups ranging from criminal ransomware operators (whether or not they have declared a ceasefire) to nation state attackers, each with different capabilities and motives.
"Cyber attackers will often lie in wait for the opportune moment, releasing their attack at the point in time when they perceive cyber defences of their target to be weakened and / or when an attack can cause maximum disruption and impact. In this particular breach example, it comes at a time when the organisation is heavily involved in the vital Europe-wide mission to limit, treat, and vaccinate against COVID-19. In other examples, an attack might be planned and executed when a company is about to launch a new product to market, enter the busiest retail period of the year, or undertake a company acquisition or merger.
"Being aware of the cyber attackers mind set is important in anticipating, preparing for, and defending against such attacks. Businesses and organisations should consider identifying and planning for recurring or one-off events in their organisational lifecycle when they might become a likely target of attack and ensure that robust people, process, and technology based defence and response systems are in place to deal with threats."