New information about the advancements is ransomware are raising the security stakes for business and healthcare. The proliferation of devices over the “Internet of Things” (IoT) and the lucrative nature of corporate and healthcare data have encouraged an old dog to learn some nifty – and dangerous – new tricks.
From the Home Workstation to the Enterprise Network
Ransomware is a relatively old idea in computing history, dating back to a Trojan released in 1989 that forced users to pay a fee to unlock an allegedly expired application. Around 1996, public key cryptography, the underlying method of attack for today’s malware, was introduced. Ransomware works by restricting access and/or encrypting data on a user’s infected system and then requiring payment to regain full accessibility.
Until a few years ago, ransomware was primarily exploited the systems of private individuals, but that model is rapidly changing due to growing trends in the cybersecurity landscape:
Ransomware-as-a-service. New forms of ransomware, such as Ransom32, are built on a NW.js framework that enables ransomware to be deployed on Windows, MacOS and Linux operating systems. This makes them potentially more ubiquitous, and it also becomes an attractive proposition for malicious hackers to offer an SaaS type of service for affiliate hackers to leverage, with part of the illicit proceeds going back to the original malware creator.
Vulnerability of health systems. Two factors combine to create significant risk in the healthcare industry. Outdated healthcare technology infrastructures and the newest medical devices may be worlds apart when it comes to innovation, but they share one thing in common: vulnerability. Forrester Research has reported that new medical devices can be exposed to dangerous – and we mean life-threatening – forms of malware and ransomware that can render them inoperable.
Value of healthcare records. The extent of personally identifiable private information in a health record makes them sought after for many reasons, and exploitation for financial gain is chief among them. Locking providers out of critical healthcare data until payment is rendered – in Bitcoin – is a growing threat, putting patients in danger, raising costs for providers, and creating HIPAA compliance nightmares.
Value of enterprise data. Attackers are also increasingly targeting a company’s valuable data, documents and innovations – particularly financial data and intellectual property at small- to mid-size enterprises where backup data processes may be lax but information is valuable to business operations. However, any company susceptible to malware through network vulnerabilities or human error can become victim of a ransomware attack.
Once infected with ransomware, options are limited. In fact, the FBI recently suggested that companies simply pay up. An article in Security Ledger noted that while the FBI should be contacted when ransomware attacks occur, the Bureau “may not be able to pry encrypted data from the clutches of the ransomware authors, who use ultra secure encryption algorithms to lock up ransomed data.” However, other industry professionals disagree, taking the position that paying ransom encourages further attacks and that due to the anonymity of the financial transaction, attackers may not restore access even after receiving funds.
Protect and Defend
Professional security companies like Tekkis can assist businesses in assessing their security position and minimizing the opportunities for hackers to exploit information systems. Evaluating technology and human resources, and testing the strength of your security tools and policies is a critical step in sealing the many potential vulnerabilities that enable viruses, malware and ransomware to invade your business. Investing in prevention of cyberattacks will keep your dollars protecting your company and your customers, not in the hands of criminals.