Nietzsche said, “All great things must first wear terrifying and monstrous masks in order to inscribe themselves on the hearts of humanity”. Unfortunately, for the health sector the issues of ransomware, malware and hackers must worsen before things improve. This is not a sadistic estimation; rather, it is a prediction that the healthcare communities victimised by cybersecurity attacks will not be galvanised to action until significant impact has already occurred. Sadly, only after the threat is tangible, and the attack surface left unobscured will organisations shift their culture to address the threats looming on their threshold.
The latest digital epidemic to take the healthcare sector by storm is crypto ransomware. Ransomware is nothing more than weaponised encryption. It is unique in cybercrime because in order for it to be successful, it requires the victim to become a willing accomplice after the fact. Ransomware is dangerous because it requires virtually zero technical aptitude, so practically anyone can do it. Healthcare organisations, which used to be off-limits to cyberadversaries, are now the primary targets of many cyberthreats. This shift occurred recently, when healthcare organisations began digitally retaining more customer data, and when hospitals such as Hollywood Presbyterian hospital began to pay to end ransomware and other attacks.
The Threat: Facts
There are two primary cyber-criminal groups that capitalise on these unique attack vectors against hospitals; script kiddies and hackers for hire (aka Mercenary Hackers). Script kiddies are the toxic, parasitic ‘hacker wannabes’ clinging to the fringes of dark web forums. They possess limited, if any, tech sophistication and wreak havoc on the global population by spamming ransomware without any particular target. They are able to capitalise off of the few people that fall for the spoofed emails that read as if they are coming from online retailers or payment systems, for example. For the full article click here
from health IT caucus http://ift.tt/29gWoWE
via IFTTT
No comments:
Post a Comment