Some healthcare entities may be more likely than organizations in other sectors to pay extortionists to unlock data that's been encrypted in ransomware http://www.healthcareinfosecurity.com/anti-malware-c-309 attacks because patients' lives are potentially at risk if data is unavailable, says privacy http://www.healthcareinfosecurity.com/privacy-c-151and security expert Kate Borten.
See Also: Unlocking Software Innovation with Secure Data as a Service http://www.databreachtoday.com/webinars/unlocking-software-innovation-secure-data-as-service-w-895?rf=promotional_webinar
"Even though law enforcement would say 'don't pay, these guys are criminals, and we don't want to encourage criminal behavior, and you can't trust them,' ... the reality is that this is a business decision, and each organization needs to consider what the impact is," says Borten, founder and president of consulting firm The Marblehead Group.
"In healthcare, for provider organizations, the ultimate [consideration] is patient care, and if the attack has the potential to affect care of patients, then I think we see hospitals ... paying the ransom in some cases."
For example, Hollywood Presbyterian Medical Center http://www.healthcareinfosecurity.com/ransomware-hits-hospitals-a-8872 in February said it paid attackers about $17,000 in bitcoin to unlock patient data after a ransomware scheme.
Healthcare entities need to keep in mind that there are other potential threats posed by ransomware beyond locking up patient information, Borten notes. "We can never assume that all it's doing is simply encrypting http://www.healthcareinfosecurity.com/encryption-c-209 the data. That might be what we see because we can't get to our files, but there may be much more going on."
Organizations can avoid having to making a difficult decision about whether to pay a ransom after an attack, Borten says, if they take appropriate defensive precautions, such as properly backing up data to ensure availability.
In an interview at the Boston Fraud and Breach Prevention Summit http://events.ismgcorp.com/event/fraud-breach-prevention-boston-2016/?rf=trending, Borten also discusses:
- Why the healthcare sector has become the No. 1 target for ransomware attacks;
- The mitigation steps to take as soon as an entity suspects it's become a victim of a ransomware attack;
- Why more ransomware attacks are likely to eventually appear on the Department of Health and Human Services' Office for Civil Rights' "wall of shame" https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf tally of major health data breaches as a result of OCR's recent release of new ransomware guidance http://www.healthcareinfosecurity.com/hhs-most-ransomware-attacks-reportable-breaches-a-9257 .
Before founding The Marblehead Group http://marbleheadgroup.com/, Borten led the enterprisewide security program at Massachusetts General Hospital in Boston and established the first information security program at Beth Israel Deaconess Medical Center and its parent organization, CareGroup, as its CISO.
Read the source post by Data Breach Today