Two German hospitals are being extorted by cyber criminals through ransomware. This follows the payment of the $17,000 ransom by an LA Hospital in February. Travis Smith, senior security researcher at Tripwire explains this growing trend of attacks.
[su_note note_color=”#ffffcc” text_color=”#00000″]Travis Smith, Senior Security Research Engineer for Tripwire :
“It’s not surprising that we are seeing more hospitals targeted following the breach of Hollywood Presbyterian Hospital. When ransomware infected consumers previously, victims were held ransom for a few hundred dollars. Now there is precedence for attackers to increase the price of ransom exponentially for businesses, who have a greater financial connection to their data than consumers typically do. There are no signs of this trend slowing, so businesses should take steps to protect themselves in the event of a possible infection.
The number one thing businesses should do is keep timely backups of their critical data. In the event of a ransomware infection, an organization can clean the infection and roll back to a previous backup. At this point, it becomes a financial decision as to what’s more cost effective for the business; pay the ransom or restore operations. The follow up to ensuring proper backups in place are having routine tests of the backup process, to reduce to time and cost of restoring business continuity.”[/su_note]
[su_box title=”About Tripwire” style=”noise” box_color=”#336588″]
Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.[/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.