Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43445
  • Total Topics: 16537
  • Online today: 3188
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 0
Guests: 2993
Total: 2993









Author Topic: ‘McAfee Labs Threats Report’ Examines Whether Ransomware Is Coming to a Hospital  (Read 2209 times)

0 Members and 1 Guest are viewing this topic.

Pez

  • SCF VIP Member
  • *****
  • Posts: 776
  • KARMA: 117
  • Gender: Male
  • Pez
‘McAfee Labs Threats Report’ Examines Whether Ransomware Is Coming to a Hospital Near You

Delivering uninterrupted services with immediate access to information is not an easy task. Doing it with legacy systems, a fragmented workforce, and inconsistent security is a monumental job. Unfortunately, this is the state of many hospitals, leading the criminal underground to their back doors.

Ransomware attackers have shifted focus, moving from consumers to organizations with weak security but a strong reliance on their information systems. Victims appear to be paying. One ransomware developer posted a screenshot of his digital wallet that showed a balance of US$94 million, earned in about six months.

Hospitals have become a prime target because they usually operate legacy systems and medical devices with weak security and they have a life or death need for immediate access to information.

According to a recent study by the Ponemon Institute, half of all healthcare data breaches in the last year were the result of criminal attacks, as opposed to errors or omissions by employees. At the same time, the primary security worry of these organizations is employee negligence. So it comes as no surprise that phishing and other human-weakness exploits are the primary attack vector.

Ransomware attacks often affect medical devices, which are more challenging to protect and clean up than servers and workstations. Recovering from these attacks not only includes the ransom payment but also the costs of downtime and system recovery. Some hospitals have experienced partial or complete network downtime of five to 10 days. The Foundstone Incident Response team identified at least 19 hospital ransomware attacks during the first half of 2016, across six countries. Most of the hospitals that paid the ransom had no contingency plans for this type of event.

What can you do to protect your hospital? Our Top 10 list for protecting healthcare systems from ransomware and other malware infection:

• Develop an incident response plan, so that if your systems are compromised you can get back in operation quickly.

• On general-purpose devices, keep the patches up to date. Many of the vulnerabilities exploited by these attackers have patches available.

• Whitelist medical equipment to prevent unapproved programs from executing.

• Do not rely on default settings for endpoint protection. Turn on advanced endpoint protections that can block malware executables from running.

• Add or enhance your antispam filter. Most ransomware attacks use uncommon file formats, packed several levels into .zip files to evade detection, so make sure you are scanning for them.

• Block unnecessary programs and traffic. Many ransomware control servers use Tor to get their encryption key. If you can block this traffic, you can stop the encryption process.

• Use network segmentation to separate critical devices required for patient care from the general network.

• Keep backups completely disconnected from the production network, so that ransomware payloads cannot corrupt your backup data.

• Reduce or eliminate the use of local disks to store sensitive data. Secure network drives can be restored more quickly, assuming the backups are clean.

• Almost one in 10 spam messages is still being opened, so ongoing user awareness training is critically important.

Original article: By Christiaan Beek on Sep 23, 2016
Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing ! http://scforum.info/index.php/topic,8405.msg21475.html#msg21475

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023