Cyber Insurer Offers Some Ransomware Insights

MedStar Health's 10 hospitals, and several other North American hospitals, have fallen prey to malware attacks in recent weeks.

The attacks, many involving ransomware, highlight why it's so important for healthcare organizations to take critical steps to avoid becoming the next victim, says technology expert Craig Musgrave of The Doctors Company, a provider of cyber insurance and medical liability coverage.

"The No. 1 issue is social engineering; it's the employee negligence," Musgrave says in an interview with Information Security Media Group. All healthcare organizations "should be providing training for all employees .... [because] over 80 percent of the attacks are made possible by human error where they'll click on a link or open an email attachment. If we can train the staff to avoid downloading [suspicious files] or bringing USB devices into the systems, then that's going to cut out a lot of the [ransomware] events that are happening."

But if an employee does make the mistake of clicking on an attachment that launches malware, healthcare organizations must take swift steps to mitigate the impact, he says.

"From the technical standpoint, the IT department needs to be making sure they have the appropriate controls in place around firewalls, application whitelisting and ... intrusion detection," he says.

"You need to be able to detect that something is going on very quickly so that you can stop it from spreading across the organization," Musgrave explains. "Once you're at that point where you can isolate [an infected] computer and take it off the network, then it gets down to how good are your backups, and can you restore systems as quick as possible."

Some hospitals have been able to recover from ransomware attacks without paying extortionists because they had well-prepared backups that enabled them to restore systems and data reasonably swiftly, he says. But other hospitals have had a more difficult struggle because the ransomware spread to main computer systems within the organization, making it more challenging to mitigate the attack, he says.

Hospital Attacks

In February, Hollywood Presbyterian Medical Center in California confirmed that it paid extortionists a $17,000 bitcoin ransom to unlock its data, which was maliciously encrypted by extortionists using ransomware.

But some other hospitals battling recent ransomware attacks, including Chino Valley Medical Center and Desert Valley Hospital in California, have confirmed that they were able to recover from the attacks without paying ransoms.

DataBreachToday:
