Very very sick

It is really very easy to look at the misfortune of others when they fall foul of ransomware and think, ‘oh well, the sun will still come up in the morning, what’s the big deal?’, or something like that.

But imagine one of your loved ones was about to undergo life or death surgery and the health care professionals could not access their records, XRays, MRI data etc.

That is exactly what happened at the Hollywood Presbyterian Medical Center, which fell foul of a $17,000 ransomware attack that rendered it’s systems useless.

With lives at stake and a very dynamic data set, it appears that recovering from backup was not viable, so the hospital had to pay up. A massive hint to healthcare IT Managers, or indeed any business with a requirement to access very recent data, especially in a life or death situation – watch out.

In case we are in any doubt about this, what we are talking about is a criminal gang extorting a hospital with seriously unwell people in its care. As rackets go, this has to be amongst the vilest crimes ever. Worthy of The Joker, Bane or numerous other Hunts we could mention.

As we predicted at our annual security event (this year called CloudBurst) at The Tower of London in January, ransomware is on the up and the delivery method is almost certainly via Phishing emails. It seems that even the best email scanners miss well-crafted Phish and once delivered, our overworked, underpaid and poorly advised staff can easily click on the link of doom.

With approximately 60% efficacy, legacy Antivirus engines will miss most of this infection and are more or less useless. This is why ITC is looking at next generation Antivirus solutions are entering into testing with Cylance, which offers a new approach to AV using an Artificial Intelligence engine on the client. Promising a 99% plus detection rate, this looks promising but we will suck it and see and report back presently.

If you would like to discuss the perils of ransomware and would like some solid advice please contact us at: 020 7517 3900 or email us at [email protected].

This week’s blog was suggested by one of our clients, you know who you are and thanks. Let’s hope you can stop your in house malevolent developer from becoming the next big thing in Malware.