26% of Orgs Would Pay Ransomware After Healthcare Cyberattack

Lockdown

From AppGuard
Developer
Joined
Oct 24, 2016
Messages
3,014
#1
26% of Orgs Would Pay Ransomware After Healthcare Cyberattack
A recent survey found that nearly one-quarter of UK and US healthcare organizations would pay a ransomware demand following a healthcare cyberattack.

26% of Orgs Would Pay Ransomware After Healthcare Cyberattack

[It's absolute stupidity to pay the ransom because paying the ransom only emboldens the criminals and makes them more aggressive - it is like negotiating with terrorists and giving them what they want - that's my personal opinion. I've also noted a trend among hospital administrators openly stating that it would be cheaper and more convenient for them to pay the ransom instead of taking on the burden (cost and logistics of integration) of effective security. What do you think should happen to administrators that adhere to such a position ?]
 
Joined
Mar 24, 2017
Messages
467
OS
Windows 10
Antivirus
ESET
#2
[ What do you think should happen to administrators that adhere to such a position ?]
Well for one I think they should be fired for thinking like that, did they forget that they (or rather the business) can be sued? Also, how do you know if you will even get the data back, and if you do, how do you know that it hasn't been playing around with (tampered).

Besides I was under the impression that much of the systems can't be online unless that only applies to medical equipment.
 

Lockdown

From AppGuard
Developer
Joined
Oct 24, 2016
Messages
3,014
#4
Well prevention is always better & cheaper... well, most of the time. Anyone (individual or organisation) not applying prevention methods to avoid a crisis doesn't have anything important to protect or just doesn't care. That are the people first to pay.
Many hospitals are still using Windows XP - so obviously prevention is not a priority for them.
 
Joined
Oct 24, 2017
Messages
59
OS
Windows 10
Antivirus
ESET
#5
It's absolute stupidity to pay the ransom because paying the ransom only emboldens the criminals and makes them more aggressive
I would have to side with the Hospital's decision to pay a ransom demand. It's just money. Whereas the other choice is life and lawsuits. Security measures are slightly behind a hacker's talents.

For all time, a computer creates more problems than it solves.
 
Last edited:

Opcode

Level 28
Content Creator
Joined
Aug 17, 2017
Messages
1,733
#7
I think that the ransom should not be paid because this encourages the malware authors to keep developing ransomware and infect people with it; the more encouragement means for more of this behavior to be continued. If malware authors didn't make any money from ransomware then it wouldn't be a thing, however ransomware is extremely prevalent now due to the demand for money being successful thanks to victims who pay up.

I think a better approach would be to keep the systems updated with the latest version of Windows (and updates applied once verified it will work smoothly with the running software - update the software for compatibility if there is a problem), good end-point security solution being applied, regular back-ups made to reduce the damages in the case of data loss, and employees being internally/externally trained to become updated with the latest attacker techniques so their awareness is raised and so good and safe practices are being applied by default. Locking down the system and instructing for the user how to do things if necessary which are restricted after proper verification has taken place is also not a bad idea (better still, lock down the system and remove the ability to work-around it in an business environment until a qualified administrator who really knows what they are doing has done checks before doing something for them).

A lot of administrators in professional, business environments don't really know what they are doing to the standard they should when it comes to security IMO. Pick any school or business you want, I really would not be surprised if the administrator of a picked choice isn't aware that a virus is a type of malicious software, nor is aware of the many different types of malware. Once during education, I had to do a computer-based exam... Signed into an administrator account for god sake.

When people don't take proper precautions and end up being infected, they may resort to paying the ransom with the hope of getting back important affected documents. Some do not even wait for security analysts to check if a decryption tool can be developed (because some ransomware doesn't perform the encryption routine properly, or doesn't patch up vulnerabilities which can be abused to retrieve the private key regardless) before paying the ransom.

Protection is not just about preventing an attack, but also preventing loss of data after an attack. A backup is a very good thing to have at all times in-case you do become successfully attacked, to reduce the damage impact of data loss (data loss prevention safety routine, whatever you want to call it).

Many people on these forums use a backup, it doesn't take much time at all to make a good system backup image and securely store it, or keep documents up-to-date. Even a simple removable device securely stored containing backed up documents which are critical which have passed through some form of encryption (or strong password-protected archive) is better than nothing for sure.

At least Microsoft is focusing a bit more on data-loss prevention with their new folder access control feature (cannot remember the exact name for the feature). The only problem is it isn't adapted for an inexperienced home user to operate it properly, too confusing for them IMO. Needs to be more straight-forward and simple.
 
Joined
Oct 11, 2014
Messages
86
OS
Windows 7
Antivirus
Comodo
#8
They think it is better to pay 1 time than to pay a security system every month.

They should not even update windows .. They should only have an automatic copy system or a good security system (UTM).

Take into account that I do not think they will be attacked every day or week. In general, infections come from users who will do anything.
 

Umbra

Level 61
Content Creator
Trusted
Joined
May 16, 2011
Messages
17,790
OS
Windows 10
Antivirus
Default-Deny
#9
Most SMBs sysadmin are just IT network guys, few have real skills with security, they are just asked to fix issues and make the network usable, that is it.
 
Joined
Mar 24, 2017
Messages
467
OS
Windows 10
Antivirus
ESET
#10
Most SMBs sysadmin are just IT network guys, few have real skills with security, they are just asked to fix issues and make the network usable, that is it.
That is also true, some have some GPO skills and know how to lock down the firewall on the workstion but that's it. How many know how to set up a pi-hole or proxy server based on Squid or even Web Safety by Diladele B.V. (Web Safety)
 

Umbra

Level 61
Content Creator
Trusted
Joined
May 16, 2011
Messages
17,790
OS
Windows 10
Antivirus
Default-Deny
#11
Not saying some can't even secure their network properly because their CEO refuses to spend more money or want the latest fancy apps that is always infected on his machine :p
 
Joined
Mar 24, 2017
Messages
467
OS
Windows 10
Antivirus
ESET
#12
Not saying some can't even secure their network properly because their CEO refuses to spend more money or want the latest fancy apps that is always infected on his machine :p
That also my problem, I would love to spend 2K on a UTM with all the bells but the CEO doesn't have the cash to do it.
 
Joined
Oct 11, 2014
Messages
86
OS
Windows 7
Antivirus
Comodo
#13
That also my problem, I would love to spend 2K on a UTM with all the bells but the CEO doesn't have the cash to do it.
You can not use comodo either, their free versions can be used in small companies.
Ex: Comodo internet segurity
Cdome bunies (as it is new give license freeXD)

I'm not sure how comfortable UTM but you do not lose anything with review ..... I do not know how difficult they will be to use or how complete, but worse is nothing.
 
Joined
Oct 11, 2014
Messages
86
OS
Windows 7
Antivirus
Comodo
#17
Shopping Cart
This is to get a commercial version of comodo dome shield free of charge.
Comodo dome shield is independent so there should be no dilemmas to put it on each pc.
The version comodo dome shield allows to be used with comfortable one, this is free since they are paid only for specific services.


The system is the one of payment of comodo. So it would be like you would pay 0 for the product ..
It would be good if you read the conditions yourself or ask questions in the forum.
Some comfortable policies

2.1-Comodo Internet Security (CIS) may be used royalty-free for both commercial and personal use. CIS includes the Comodo Firewall and Antivirus products. No technical or customer support is provided for CIS separate from the Products described in section 2.5. Installation of CIS may include installation of addition.
5.1. Term. This Agreement is effective until terminated by Subscriber or by Comodo. Subscriber may only use the paid Product during the period for which Subscriber has paid the subscription fee. The subscription may be renewed by paying an additional license fee as set forth on the Comodo website.