26% of Orgs Would Pay Ransomware After Healthcare Cyberattack

Status
Not open for further replies.
5

509322

Thread author
26% of Orgs Would Pay Ransomware After Healthcare Cyberattack
A recent survey found that nearly one-quarter of UK and US healthcare organizations would pay a ransomware demand following a healthcare cyberattack.

26% of Orgs Would Pay Ransomware After Healthcare Cyberattack

[It's absolute stupidity to pay the ransom because paying the ransom only emboldens the criminals and makes them more aggressive - it is like negotiating with terrorists and giving them what they want - that's my personal opinion. I've also noted a trend among hospital administrators openly stating that it would be cheaper and more convenient for them to pay the ransom instead of taking on the burden (cost and logistics of integration) of effective security. What do you think should happen to administrators that adhere to such a position ?]
 

Danielx64

Level 10
Verified
Well-known
Mar 24, 2017
481
[ What do you think should happen to administrators that adhere to such a position ?]

Well for one I think they should be fired for thinking like that, did they forget that they (or rather the business) can be sued? Also, how do you know if you will even get the data back, and if you do, how do you know that it hasn't been playing around with (tampered).

Besides I was under the impression that much of the systems can't be online unless that only applies to medical equipment.
 

cimmay

Level 2
Verified
Oct 24, 2017
58
It's absolute stupidity to pay the ransom because paying the ransom only emboldens the criminals and makes them more aggressive

I would have to side with the Hospital's decision to pay a ransom demand. It's just money. Whereas the other choice is life and lawsuits. Security measures are slightly behind a hacker's talents.

For all time, a computer creates more problems than it solves.
 
Last edited:
D

Deleted member 65228

Thread author
I think that the ransom should not be paid because this encourages the malware authors to keep developing ransomware and infect people with it; the more encouragement means for more of this behavior to be continued. If malware authors didn't make any money from ransomware then it wouldn't be a thing, however ransomware is extremely prevalent now due to the demand for money being successful thanks to victims who pay up.

I think a better approach would be to keep the systems updated with the latest version of Windows (and updates applied once verified it will work smoothly with the running software - update the software for compatibility if there is a problem), good end-point security solution being applied, regular back-ups made to reduce the damages in the case of data loss, and employees being internally/externally trained to become updated with the latest attacker techniques so their awareness is raised and so good and safe practices are being applied by default. Locking down the system and instructing for the user how to do things if necessary which are restricted after proper verification has taken place is also not a bad idea (better still, lock down the system and remove the ability to work-around it in an business environment until a qualified administrator who really knows what they are doing has done checks before doing something for them).

A lot of administrators in professional, business environments don't really know what they are doing to the standard they should when it comes to security IMO. Pick any school or business you want, I really would not be surprised if the administrator of a picked choice isn't aware that a virus is a type of malicious software, nor is aware of the many different types of malware. Once during education, I had to do a computer-based exam... Signed into an administrator account for god sake.

When people don't take proper precautions and end up being infected, they may resort to paying the ransom with the hope of getting back important affected documents. Some do not even wait for security analysts to check if a decryption tool can be developed (because some ransomware doesn't perform the encryption routine properly, or doesn't patch up vulnerabilities which can be abused to retrieve the private key regardless) before paying the ransom.

Protection is not just about preventing an attack, but also preventing loss of data after an attack. A backup is a very good thing to have at all times in-case you do become successfully attacked, to reduce the damage impact of data loss (data loss prevention safety routine, whatever you want to call it).

Many people on these forums use a backup, it doesn't take much time at all to make a good system backup image and securely store it, or keep documents up-to-date. Even a simple removable device securely stored containing backed up documents which are critical which have passed through some form of encryption (or strong password-protected archive) is better than nothing for sure.

At least Microsoft is focusing a bit more on data-loss prevention with their new folder access control feature (cannot remember the exact name for the feature). The only problem is it isn't adapted for an inexperienced home user to operate it properly, too confusing for them IMO. Needs to be more straight-forward and simple.
 

klaken

Level 3
Verified
Well-known
Oct 11, 2014
112
They think it is better to pay 1 time than to pay a security system every month.

They should not even update windows .. They should only have an automatic copy system or a good security system (UTM).

Take into account that I do not think they will be attacked every day or week. In general, infections come from users who will do anything.
 

Danielx64

Level 10
Verified
Well-known
Mar 24, 2017
481
Most SMBs sysadmin are just IT network guys, few have real skills with security, they are just asked to fix issues and make the network usable, that is it.
That is also true, some have some GPO skills and know how to lock down the firewall on the workstion but that's it. How many know how to set up a pi-hole or proxy server based on Squid or even Web Safety by Diladele B.V. (Web Safety)
 
D

Deleted member 178

Thread author
Not saying some can't even secure their network properly because their CEO refuses to spend more money or want the latest fancy apps that is always infected on his machine :p
 

Danielx64

Level 10
Verified
Well-known
Mar 24, 2017
481
Not saying some can't even secure their network properly because their CEO refuses to spend more money or want the latest fancy apps that is always infected on his machine :p
That also my problem, I would love to spend 2K on a UTM with all the bells but the CEO doesn't have the cash to do it.
 

klaken

Level 3
Verified
Well-known
Oct 11, 2014
112
That also my problem, I would love to spend 2K on a UTM with all the bells but the CEO doesn't have the cash to do it.
You can not use comodo either, their free versions can be used in small companies.
Ex: Comodo internet segurity
Cdome bunies (as it is new give license freeXD)

I'm not sure how comfortable UTM but you do not lose anything with review ..... I do not know how difficult they will be to use or how complete, but worse is nothing.
 

klaken

Level 3
Verified
Well-known
Oct 11, 2014
112
Shopping Cart
This is to get a commercial version of comodo dome shield free of charge.
Comodo dome shield is independent so there should be no dilemmas to put it on each pc.
The version comodo dome shield allows to be used with comfortable one, this is free since they are paid only for specific services.


The system is the one of payment of comodo. So it would be like you would pay 0 for the product ..
It would be good if you read the conditions yourself or ask questions in the forum.
Some comfortable policies

2.1-Comodo Internet Security (CIS) may be used royalty-free for both commercial and personal use. CIS includes the Comodo Firewall and Antivirus products. No technical or customer support is provided for CIS separate from the Products described in section 2.5. Installation of CIS may include installation of addition.
5.1. Term. This Agreement is effective until terminated by Subscriber or by Comodo. Subscriber may only use the paid Product during the period for which Subscriber has paid the subscription fee. The subscription may be renewed by paying an additional license fee as set forth on the Comodo website.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top