The Verge recently published an article, announcing that a Los Angeles hospital was the victim of a data breach using ransomware. In most cases, a ransomware hacker charges several hundred dollars, and in some cases a few thousand dollars, to release the data. In this case, the ransom is $3.6 million dollars, which is unprecedented. Such a large price tag begs the question, why are they asking so much?
Well, it’s certainly no coincidence. The hostage takers know exactly how much data they’ve compromised, they know exactly who their victim is, and they know that $3.6 million is an amount their victim could afford to pay.
The Negotiation
The hospital ended up paying $17,000 in bitcoin to the hackers. Certainly not the $3.6 million they had asked for but none-the-less a very successful enterprise for these cyber criminals.
What can we learn from this?
First of all, this is a classic example of a hack; there is nothing new here. Secondly, social engineering works very well, which is why it’s still being used:
Compromise happens within minutes, not days or weeks. In the cyber security realm, we have something called the golden hour. If you are not able to Observe, Orient, Decide, and Act on a threat within the first hour, you are done before you even begin.
Practical Advice
Somewhere, somebody is probably saying to this hospital’s CSO, see I told ya so… but hindsight is always 20/20. Going forward what can this hospital do, and what can your business do to better protect yourselves? Great question – I’m glad you asked! Here are a few things you should absolutely be doing if you want to avoid a situation like this. This is by no means a comprehensive list, but it’s something actionable and a great place to start.
CONCLUSION:
Software like Carbon Black is an example of an endpoint protection product that is capable of stopping today’s threats. WatchPoint’s Comprehensive Cyber Security solution harnesses the power of Carbon Black by combining advanced endpoint protection with expert security analysts and incident responders. Click the video below, and in just two minutes you can learn how WatchPoint is protecting businesses from today’s cyber threats.