Extortion through Ransomware
It is a universally acknowledged notion that attack vectors have always evolved and would continue to evolve over time; ransomware constitute the most blatant piece of evidence for such an evolution. Cyber security experts warn that ransomware such as WannaCry clearly portend clearly the manner in which the industry as a whole could be attacked. Hackers are bound to capture crucial data belonging to the organizations—both government and private— in exchange of a huge sum, failing which the data would either be deleted or leaked in the public domain. Initially witnessed in the finance sector, ransomware is now moving on to maintain a stranglehold over other domains; among them is the healthcare, which is evident from the ransomware attack on a non-profit cancer foundation in the U.S.
Pseudo-ransomware that initially give the feel of a virus but can actually lock the access to confidential data, has been giving sleepless nights to healthcare organizations. The penetration of pseudo-ransomware into the insurance sector has been another matter of grave concern, for it could disrupt the health insurance segment. The threat of ransomware to healthcare organizations, to an extent is fueled by the hospital leaderships themselves. While most of the smaller hospitals lack adequate focus on cyber security, different departments within others tend to function as silos, thereby upping the risk of an attack.
In order to safeguard themselves from being held to ransom by the hackers, organizations need to target the low hanging fruits of practicing a culture of cyber hygiene and regulating the employees to follow the due protocols pertaining to password management or spam content. Although cyber security solutions must focus on compliance with acts such as HIPAA although necessary, cannot solely guarantee the security and integrity of an enterprise environment. The IT departments ought to be more circumspect and ensure that activities like patching are performed at regular intervals to prevent the enterprise environment from being breached into.
By Nancy S. Wolk, CIO, Alcoa - Global Business Services
By John Kamin, EVP and CIO, Old National Bancorp
By Gregg T. Martin, VP & CIO, Arnot Health
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
By Bryson Koehler, EVP & CIO, The Weather Company, an IBM...
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Adrian Mebane, VP-Global Ethics & Compliance, The Hershey...
By Lowell Gilvin, Chief Process Officer, Jabil
By Dennis Hodges, CIO, Inteva Products
By Gerri Martin-Flickinger, CIO, Adobe Systems
By Walter Carvalho, VP& Corporate CIO, Carnival Corporation
By Mary Alice Annecharico, SVP & CIO, Henry Ford Health System
By Bernd Schlotter, President of Services, Unify
By Bob Fecteau, CIO, SAIC
By Kushagra Vaid, GM, Server Engineering, Microsoft
By Steve Beason, Enterprise CTO, Scientific Games
By Steve Bein, VP-GIS, Michael Baker International
By Jason Alan Snyder, CTO, Momentum Worldwide
By Jim Whitehurst, CEO, Red Hat
By Alberto Ruocco, CIO, American Electric Power