The world of cyber threats just got even more serious. Forget about corporate espionage being just the stuff of movies. Nowadays cyber criminals are executing attacks at high speed, and it looks like any business with an Internet connection is vulnerable.
Ransomware, which is not new by any means, has been getting a lot of exposure in the media lately. Recently, a California hospital, Hollywood Presbyterian Medical Center, found itself at the center of one of these malicious attacks. According to experts, the hospital system would have been compromised by an infected email opened by an unsuspecting employee. The email stealthily installed malicious code that went undetected by hospital servers, established itself, and then reported back to the cyber extortionists who carried out the attack. The ransomware locked up the hospital's files, removing all access to much-needed patient files. While no one died at the hospital as a result of the attack, the impact on operations was significant, with the hospital even having to resort to sending some patients to nearby clinics to continue their treatments.
In the end, the hospital was forced to pay the ransom a week later, after local police were stumped at how to handle the situation. The hackers' ransom was 40 Bitcoins (around $17,000); Bitcoin has become a popular mode of payment amongst cyber criminals because of its anonymity and lack of regulation. The hospital paid the ransom and the systems were unlocked by the hackers.
Ransomware can be a very profitable business for organized crime syndicates. Internet security company Symantec recently released a study on the subject that tracked one specific ransomware code and found that in one month, over 68,000 PCs were infected by the malware, with only 2.9% of infected users actually paying the ransom. While this may not sound like a massive conversion rate for the hackers, take into account the fact that the criminals would have banked over $334,000 in this month. Given the number of criminal syndicates involved and the overall scope of the problem, Symantec estimates that ransomware nets criminals over $5 million per year.
So how can hospitals protect themselves against possible cyber extortion in the future? One way is to hire an independent Internet security firm that can assess the risks to the current network. These advisors use ethical hacking techniques such as penetration testing to determine the weak points in the system. The results of the assessment help tailor a perimeter defense system to suit the hospital's network, and help develop a strong incident response plan that addresses various types of potential attacks or breaches in the network.
All data and files should be backed up and stored safely, preferably with an outside provider that is credible and reputable in the storage of data. Encryption is another option that should be added to the defense arsenal to prevent cyber security breaches. Encrypting files makes it difficult for an unauthorized person to steal them. However, it's important to stop extortionists at the point of entry in the first place, and a solid perimeter defense using a firewall and IDS/IPS remains the first line of defense.
At the end of the day, hiring an industry-recommended Internet security specialist may add to expenses on the hospital's balance sheet. But paying out ransoms, or worse still, having patients' treatments impacted by being locked out of the hospital's system, will cost a lot more, not only to the balance sheet but to the hospital's reputation as well.
By Rema Deo.