Turkish hackers have claimed responsibility for the ransomware cyber attack which hit an LA hospital recently.
The hackers boasted “So thanks to feebleness of weak-wiled Americans We became richer and earned $17k! If you read this message you must understand that Turkey is the great cyber-power whose might you have witnessed! If Washington keeps on supporting Kurdish terrorists Turkish hackers will become richer!”. IT security experts from Proofpoint discuss how credible these claims are.
[su_note note_color=”#ffffcc” text_color=”#00000″]Kevin Epstein, VP of Threat Operations at Proofpoint :
“Attribution of cyberattacks is notoriously difficult. Cybercriminals routinely route data through multiple countries and servers within countries, leave false ‘evidence’ pointing to other groups, and generally attempt to conceal their tracks. It is unclear whether the recent postings claiming attribution are genuine, or deliberately misleading, or simply an entirely different group or individual leveraging the recent publicity. Defenders would be well advised to pay far more attention to technical indicators of compromise (IoCs) rather than hype.”[/su_note]
[su_note note_color=”#ffffcc” text_color=”#00000″]Ryan Kalember, SVP, Cybersecurity Strategy at Proofpoint :
“While it’s not out of the realm of possibility, they have provided zero evidence to substantiate their claim, and are claiming a political motivation that is out of character for the groups behind the recent surge in ransomware. I would also comment that the use of “pwned” is odd, as this was hardly a sophisticated attack worth bragging about.”[/su_note]
[su_box title=”About Proofpoint” style=”noise” box_color=”#336588″]Proofpoint Inc. (NASDAQ:PFPT) is a leading security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance, and secure communications. Organizations around the world depend on Proofpoint’s expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information.[/su_box]