26% of Orgs Would Pay Ransomware After Healthcare Cyberattack

Discussion in 'AppGuard (Blue Ridge Networks)' started by Lockdown, Nov 19, 2017.

  1. Lockdown

    Lockdown From AppGuard
    Developer

    Oct 24, 2016
    2,705
    11,848
    AppGuard LLC Virginia, U.S.
    26% of Orgs Would Pay Ransomware After Healthcare Cyberattack
    A recent survey found that nearly one-quarter of UK and US healthcare organizations would pay a ransomware demand following a healthcare cyberattack.

    26% of Orgs Would Pay Ransomware After Healthcare Cyberattack

    [It's absolute stupidity to pay the ransom because paying the ransom only emboldens the criminals and makes them more aggressive - it is like negotiating with terrorists and giving them what they want - that's my personal opinion. I've also noted a trend among hospital administrators openly stating that it would be cheaper and more convenient for them to pay the ransom instead of taking on the burden (cost and logistics of integration) of effective security. What do you think should happen to administrators that adhere to such a position ?]
     
    mlnevese, Weebarra, Opcode and 6 others like this.
  2. Danielx64

    Danielx64 Level 8

    Mar 24, 2017
    396
    1,690
    Australia
    Windows 10
    ESET
    Well for one I think they should be fired for thinking like that, did they forget that they (or rather the business) can be sued? Also, how do you know if you will even get the data back, and if you do, how do you know that it hasn't been playing around with (tampered).

    Besides I was under the impression that much of the systems can't be online unless that only applies to medical equipment.
     
    Weebarra, plat1098, Opcode and 3 others like this.
  3. shukla44

    shukla44 Level 10

    Jan 14, 2016
    480
    4,527
    India
    Windows 7
    Kaspersky
    Well prevention is always better & cheaper... well, most of the time. Anyone (individual or organisation) not applying prevention methods to avoid a crisis doesn't have anything important to protect or just doesn't care. That are the people first to pay.
     
  4. Lockdown

    Lockdown From AppGuard
    Developer

    Oct 24, 2016
    2,705
    11,848
    AppGuard LLC Virginia, U.S.
    Many hospitals are still using Windows XP - so obviously prevention is not a priority for them.
     
    Weebarra, Opcode, harlan4096 and 4 others like this.
  5. cimmay

    cimmay Level 2

    Oct 24, 2017
    59
    134
    seattle
    Windows 10
    ESET
    #5 cimmay, Nov 19, 2017
    Last edited: Nov 19, 2017
    I would have to side with the Hospital's decision to pay a ransom demand. It's just money. Whereas the other choice is life and lawsuits. Security measures are slightly behind a hacker's talents.

    For all time, a computer creates more problems than it solves.
     
    shukla44, Weebarra and Opcode like this.
  6. Mr.X

    Mr.X Level 6

    Aug 2, 2014
    289
    877
    PC Tech
    Mexico
    o_O Thought that could only happen in Mexico. :devil:
     
    Weebarra, cimmay and Opcode like this.
  7. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,302
    Caille
    Windows 10
    I think that the ransom should not be paid because this encourages the malware authors to keep developing ransomware and infect people with it; the more encouragement means for more of this behavior to be continued. If malware authors didn't make any money from ransomware then it wouldn't be a thing, however ransomware is extremely prevalent now due to the demand for money being successful thanks to victims who pay up.

    I think a better approach would be to keep the systems updated with the latest version of Windows (and updates applied once verified it will work smoothly with the running software - update the software for compatibility if there is a problem), good end-point security solution being applied, regular back-ups made to reduce the damages in the case of data loss, and employees being internally/externally trained to become updated with the latest attacker techniques so their awareness is raised and so good and safe practices are being applied by default. Locking down the system and instructing for the user how to do things if necessary which are restricted after proper verification has taken place is also not a bad idea (better still, lock down the system and remove the ability to work-around it in an business environment until a qualified administrator who really knows what they are doing has done checks before doing something for them).

    A lot of administrators in professional, business environments don't really know what they are doing to the standard they should when it comes to security IMO. Pick any school or business you want, I really would not be surprised if the administrator of a picked choice isn't aware that a virus is a type of malicious software, nor is aware of the many different types of malware. Once during education, I had to do a computer-based exam... Signed into an administrator account for god sake.

    When people don't take proper precautions and end up being infected, they may resort to paying the ransom with the hope of getting back important affected documents. Some do not even wait for security analysts to check if a decryption tool can be developed (because some ransomware doesn't perform the encryption routine properly, or doesn't patch up vulnerabilities which can be abused to retrieve the private key regardless) before paying the ransom.

    Protection is not just about preventing an attack, but also preventing loss of data after an attack. A backup is a very good thing to have at all times in-case you do become successfully attacked, to reduce the damage impact of data loss (data loss prevention safety routine, whatever you want to call it).

    Many people on these forums use a backup, it doesn't take much time at all to make a good system backup image and securely store it, or keep documents up-to-date. Even a simple removable device securely stored containing backed up documents which are critical which have passed through some form of encryption (or strong password-protected archive) is better than nothing for sure.

    At least Microsoft is focusing a bit more on data-loss prevention with their new folder access control feature (cannot remember the exact name for the feature). The only problem is it isn't adapted for an inexperienced home user to operate it properly, too confusing for them IMO. Needs to be more straight-forward and simple.
     
    shukla44, Weebarra, bribon77 and 2 others like this.
  8. klaken

    klaken Level 2

    Oct 11, 2014
    84
    164
    Student
    Chile
    Windows 7
    Comodo
    They think it is better to pay 1 time than to pay a security system every month.

    They should not even update windows .. They should only have an automatic copy system or a good security system (UTM).

    Take into account that I do not think they will be attacked every day or week. In general, infections come from users who will do anything.
     
  9. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,163
    29,643
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    Most SMBs sysadmin are just IT network guys, few have real skills with security, they are just asked to fix issues and make the network usable, that is it.
     
    Danielx64 and Opcode like this.
  10. Danielx64

    Danielx64 Level 8

    Mar 24, 2017
    396
    1,690
    Australia
    Windows 10
    ESET
    That is also true, some have some GPO skills and know how to lock down the firewall on the workstion but that's it. How many know how to set up a pi-hole or proxy server based on Squid or even Web Safety by Diladele B.V. (Web Safety)
     
  11. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,163
    29,643
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    Not saying some can't even secure their network properly because their CEO refuses to spend more money or want the latest fancy apps that is always infected on his machine :p
     
  12. Danielx64

    Danielx64 Level 8

    Mar 24, 2017
    396
    1,690
    Australia
    Windows 10
    ESET
    That also my problem, I would love to spend 2K on a UTM with all the bells but the CEO doesn't have the cash to do it.
     
  13. klaken

    klaken Level 2

    Oct 11, 2014
    84
    164
    Student
    Chile
    Windows 7
    Comodo
    You can not use comodo either, their free versions can be used in small companies.
    Ex: Comodo internet segurity
    Cdome bunies (as it is new give license freeXD)

    I'm not sure how comfortable UTM but you do not lose anything with review ..... I do not know how difficult they will be to use or how complete, but worse is nothing.
     
  14. Danielx64

    Danielx64 Level 8

    Mar 24, 2017
    396
    1,690
    Australia
    Windows 10
    ESET
    Sorry, I am not understanding your English, is that a name of a piece of software?
     
  15. klaken

    klaken Level 2

    Oct 11, 2014
    84
    164
    Student
    Chile
    Windows 7
    Comodo
  16. Danielx64

    Danielx64 Level 8

    Mar 24, 2017
    396
    1,690
    Australia
    Windows 10
    ESET
    #16 Danielx64, Nov 20, 2017
    Last edited: Nov 20, 2017
  17. klaken

    klaken Level 2

    Oct 11, 2014
    84
    164
    Student
    Chile
    Windows 7
    Comodo
    Shopping Cart
    This is to get a commercial version of comodo dome shield free of charge.
    Comodo dome shield is independent so there should be no dilemmas to put it on each pc.
    The version comodo dome shield allows to be used with comfortable one, this is free since they are paid only for specific services.


    The system is the one of payment of comodo. So it would be like you would pay 0 for the product ..
    It would be good if you read the conditions yourself or ask questions in the forum.
    Some comfortable policies

    2.1-Comodo Internet Security (CIS) may be used royalty-free for both commercial and personal use. CIS includes the Comodo Firewall and Antivirus products. No technical or customer support is provided for CIS separate from the Products described in section 2.5. Installation of CIS may include installation of addition.
    5.1. Term. This Agreement is effective until terminated by Subscriber or by Comodo. Subscriber may only use the paid Product during the period for which Subscriber has paid the subscription fee. The subscription may be renewed by paying an additional license fee as set forth on the Comodo website.
     
Loading...
Similar Threads Forum Date
Security Alert Medical Devices in the Crosshairs with 36% of Orgs Attacked Security News Aug 15, 2017
Security Alert Orgs Have Failed to Make Necessary Security Improvements Since WannaCry & Petya Security News Aug 11, 2017
Alarming Percentage of Orgs Can't ID a Data Breach News Archive Apr 21, 2016