MedStar Health, the largest healthcare provider in Maryland and Washington, D.C., was forced to disable its network after an alleged ransomware attack infected several systems. Here to comment on this news is Wolfgang Kandek, CTO, Qualys.
Wolfgang Kandek, CTO, Qualys:
Ransomware is quickly becoming a significant threat to the availability of the IT infrastructure of organizations of all industry areas and sizes. In order to minimize the susceptibility to ransomware, IT managers need to harden their users’ workstations as these are the main targets of the attacks. Ransomware gets on the user’s system through two major vectors:
- Vulnerabilities: for example, a trusted website serves an advertisement that contains an exploit for a recent Flash vulnerability. The exploit then downloads the ransomware which starts encrypting files.
- Configuration flaws: for example, allowing automatic active content in documents downloaded from the Internet.
Both cases are relatively easy to address, vulnerabilities through patching and configuration flaws through setup changes. An accurate inventory of the hardware and software deployed and its current configuration settings are vital to close down the most active attack vectors.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
“First of all, it should be praised that Ferrari have…
These findings aren’t very surprising given that unpatched zero-days provide…
These figures from Mandiant highlight how attackers are continuing to…
Just one week after the Zoll Medical data breach that…
Independent Living Systems (ILS), a Miami-based healthcare software firm providing…