Ransomware... WTF! (What're the Facts)
4 facts about ransomware & the innovation of data protection
Fact #1 Ransomware is practically unstoppable.
1 of the facts about ransomware is: Ransomware has been around longer than most entities, and businesses today. According to Becker’s Hospital Review, the first known ransomware attack occurred in 1989 and targeted the healthcare industry. 28 years later, the healthcare industry remains a top target for ransomware attacks. As technology has advanced, cyber thieves have gained an advantage by building on system innovation. Just today, November 21st, 2019, it was confirmed by Nir Gaist, Founder and CTO of Nyotron, a recognized information security expert and ethical hacker, discovered a Windows 10 evasion technique called “RIPlace” that, when used to maliciously alter files, bypasses most existing ransomware protection, by using only 2 lines of code. This level of ransomware attack is predicted to be worse than “WannaCry” from May 2017, because unlike WannaCry, there is no forseen prevention.
FACT #2 Ransomware has one job, to hijack your data for your money.
Ransomware was originally intended to target individuals, who still comprise the majority of attacks today, with a typical ransom of $500.00. Hacker success has broaden the revenue of ransomware up to the millions.
Large companies have reported their ransoms to be as high to $50,000, though a ransomware attack last year against a Los Angeles hospital system, Hollywood Presbyterian Medical Center (HPMC), allegedly demanded a ransom of $3.4 million. The attack forced the hospital back into the pre-computing era, blocking access to the company’s network, email, and crucial patient data for ten days.
Ultimately, the company only paid $17,000 to regain access to its critical data after being blocked from essential computer systems and communications services. An update from HPMC indicates that the initial reports of a ransom demand of $3.4 million were inaccurate, and that the hospital paid the requested $17,000 (or 40 Bitcoins at the time) in order to quickly and efficiently restore operations. A little over one week later, the Los Angeles County Department of Health Services was infected with a program that blocked the organization’s access to its data. However, the that the agency successfully isolated infected devices and did not pay the ransom.
Fact #3 CYBER INNOVATION IS CRUCIAL TO DATA PROTECTION
There’s no question every business depends on data and requires a solution to protect it. In fact, 93 percent of organizations go bankrupt within a year of losing access to their data for 10 or more days, according to the U.S. National Archives and Records Administration. As data protection challenges have evolved over time, the stakes for have gotten higher. Today, it’s clear that uniquely robust tools are required to ensure data is safe and your businesses can keep running no matter what.
The fact is, innovation is crucial. It is also a fact that innovative does not only mean inventing. Innovation generally refers to changing processes or creating more effective processes, products and ideas. Technology scammers and hacker have been winning in this cyber war by playing on the wave of technology and adapted their tactics. Businesses inevitably loss time, money, and clients by saving time and money on their methods of protecting their systems, data, and customer’s information. But the real fact is businesses will save time and money by learning about next-gen cyber protection.
Cyber Protection has Five Core Characteristics:
- Safety: Ensuring that a reliable copy of your data is always available
- Accessibility: Making it easy for your data to be available from anywhere,
at any time
- Privacy: Controlling visibility and access to your data
- Authenticity: Providing an easy way to prove that a copy is an exact replica
of the original
- Security: Protecting against threats and malicious agents
Must report the breach to OCR as soon as possible, but no later than 60 days after the discovery of a breach affecting 500 or more individuals
There’s no question every business depends on data and requires a solution to
protect it. In fact, 93 percent of organizations go bankrupt within a year of losing
access to their data for 10 or more days, according to the U.S. National Archives
and Records Administration.
It is important to know, OCR considers all mitigation efforts taken by the entity during in any particular breach investigation. Such efforts include voluntary sharing of breach-related information with law enforcement agencies and other federal and analysis organizations as described above.