Ransomware, or the encrypting of a victim’s data until a ransom is paid, is one of the scariest of the many scary things companies face. And health care organizations should be a bit more frightened because, for some reason, this sector is the main target of these hackers.
Data from Solutionary says that health care organizations are 114 times more likely to be the target of ransomware than financial firms and 21 times more likely than educational institutions. Put another way: The firm tracked these exploits and found that health care was targeted 88 percent of the time, though it represented only 7.4 percent of its client base, according to Network World.
The security firm offers three possible explanations for the inordinate amount of attacks on health care companies: The high number of non-profit health care organizations suggests that budgets are low and security not as up to date or sophisticated, and these organizations simply have a lot of data to target and much of it is life and death. The criticality of the data makes it more likely that executives will feel compelled to do anything, including paying a ransom, to regain control.
The industry is striking back against ransomware. No More Ransom, an industry group effort, has officially launched. Founding members of the group are Kaspersky Lab, Intel Security, Europol’s European Cybercrime Centre, the Dutch High-Tech Crime unit and Amazon Web Services, according to eWeek. The organization has real tools behind it:
One of No More Ransom's key assets is decryption keys for the Shade ransomware family. Shade is a popular ransomware Trojan that first emerged in 2014. Since then, Intel Security and Kaspersky have been able to block approximately 27,000 attempts to attack users with Shade. It's not clear how many users were infected with Shade, but thanks to the actions of law enforcement, victims now have an easy way to recover their data.
In total, the organization has 160,000 decryption keys that can help Shade victims. The goal is to expand the fight to other forms of ransomware.
Another sign that the fight against ransomware is moving in the right direction is an offer from SentinelOne, a security company. The company’s Cyber Threat Guarantee will pay as much as $1 million in damages to users of its software that become ransomware victims, according to Computerworld.
Though these are good signs, victory is not nearly at hand. The problem is not going away. For one thing, attacks continue to escalate. Solutionary said that ransomware attacks increased by 198 percent from the beginning of February to the end of May. Better detection and more attacks drove the higher numbers.
It’s also clear that it’s a complicated fight. The SentinelOne offer is impressive. No company would put such a plan on the table if it didn’t have a lot of confidence. But it is not a claim of victory. Jeremiah Grossman, the company’s chief of security strategy, didn’t say that the company would never have to pay out on the guarantee. He told Computerworld that the company’s failure rate is “way less than 1 percent.” That’s a good record, but not a perfect one.
Carl Weinschenk covers telecom for IT Business Edge. He writes about wireless technology, disaster recovery/business continuity, cellular services, the Internet of Things, machine-to-machine communications and other emerging technologies and platforms. He also covers net neutrality and related regulatory issues. Weinschenk has written about the phone companies, cable operators and related companies for decades and is senior editor of Broadband Technology Report. He can be reached at firstname.lastname@example.org and via twitter at @DailyMusicBrk.