Wednesday, April 26, 2017

Ransomware epidemic will continue to devastate healthcare industry

A ransomware epidemic is sweeping the healthcare industry and shows no signs of slowing down, according to GreyCastle Security CEO Reg Harnish.

He asserts that healthcare is no more susceptible to ransomware than other industries. But Harnish says that, given the value of patient data and medical records, providers are the focus of cyber criminals who are targeting them with file-encrypting malware.

“You take their information away, and it usually threatens lives, patient safety and patient care, so they are much more likely to pay a ransom,” he adds.

Business is booming at GreyCastle, which is seeing triple-digit growth year over year. The Troy, N.Y.-based consultancy has only been in operation for 6 years, but Harnish asserts that his company is considered to be one of the largest cybersecurity risk assessment, advisory, and mitigation firms in the country.

“We’ve a very deep practice in healthcare, involving incident response where we have been addressing ransomware,” says Harnish. “It is everywhere. This issue is not going away.”

When it comes to prevention, Harnish believes that healthcare agencies must conduct regular and systematic assessments to identify, prioritize and measure cybersecurity risk. He points out that most ransomware cases occur “because an end user on the clinical staff or administration falls victim to a social engineering attack.”

To stop these kinds of breaches, Harnish suggests healthcare agencies adopt a heightened sense of awareness that comes from training end users on emerging cyber threats and what to do about them. “An effective awareness program that assists their employees and contractors to be able to identify a social engineering attack and then report it is job No. 1,” he contends.

He says that Locky and Sage ransomware continue to appear on the phishing threat landscape in 2017. “The reality is that our adversaries are getting better faster,” according to Harnish, who says ransomware is evolving in terms of ease-of-use, features, and functionality.

“They are selling this stuff just like Microsoft,” he adds. “They are in business to sell software or, in their case, malware. All of them today are undergoing a similar type of evolution to (what we saw with) Microsoft Office. Cyber criminals aren’t a bunch of teenagers wearing hoodies. It is very organized and sophisticated.”

Harnish recommends that agencies have a response capability, which he describes as critical for handling, coordinating and monitoring a cybersecurity incident from initial discovery through resolution. “They need to have a response plan so if and when it happens, they can respond very rapidly,” he summarizes.

On the question of whether or not agencies should give in to the demands of cyber criminals using ransomware, Harnish says that GreyCastle never recommends paying a ransom. “There is no guarantee that the ransom will work,” he cautions. “If you pay the ransom, you might not get decryption keys. And even if you do get decryption keys, they may not be the right ones.”

Moreover, Harnish warns that agencies that pay a ransom are then put on a list of victims who’ve complied with ransomware demands. As a result, he says they are much more likely to be targeted again as a “paying” customer. “None of our customers have ever paid a ransom,” he adds.

 
