Looming danger of ransomware
Sachin Gaur is director operations at InnovatioCuris. He is interested in topics of mHealth and Cyber Security.
Ransomware is an alarming attack not just for your personal data on your mobile or PC, it is much more – it is all about your personal data, the loss of which can be pocket-pinching as well. Learn about how to recognize such attacks and how to deal with them.
The first computer virus was Brain, written by two Pakistani brothers in 1986, without any negative intentions in mind. 30 years since then, computer viruses have come a long way and one can say that it has become an industry or ‘organized crime’. The first creators had their contact details and the physical address in the message shown in the infected computer. Even after 25 years of the incident, a Finnish cyber security expert could go and meet them to celebrate the anniversary of the event. The virus writers no more write their physical address in the computer message but they do write payment instructions if you want to rescue your computer or mobile device.
If we ask a question to security experts on what has changed in the way computer viruses work, the most likely response you will get is that the viruses have become very complex! It is no more a lone guy writing them to have some fun, no more like a hobbyist in the garage. Writing a computer virus is, increasingly, job of an enterprise with a criminal motive in mind. From an individual to a Nation state, either could be responsible for the job of writing state-of-the-art computer virus to steal data, or make your machine a Bot, or at times to even destroy a nuclear reactor. The industry is getting organized and the Nation states are buying these as weapons to be used against other enemy countries. We are in the era of “cyber weapons”.
Latest in the series is a type of virus, which looks to make money for its creator by asking for ransom. It is called ransomware. If you ask around in your network, about the ransomware, people might say that they don’t know about it! However, if you ask them the same question rephrased, whether they have seen any instance of the computer screen showing that their data is now encrypted and they need to pay money to recover it, the situation may sound familiar to some!
“Ransomware hits 150 PCs at Maha Mantralaya”, such news item is increasingly becoming common. As for the first time, the business of computer viruses is getting organized into a moneymaking enterprise. As per the latest Symantec report,
India ranks third in Asia for the number of ransomware attacks taking place. It is estimated that India is seeing 170 attacks per day, out of which majority is ransomware.
Now focusing a bit on the health sector. We are seeing an increasing number of instances where the US hospitals are being impacted with ransomware and a huge amount of ransom is being demanded. The criminals are aware of the high value of the hospital data, because of its sensitivity and criticality, hence the risk. Given the early signals from the US market, Indian hospitals should also be prepared to tackle the looming challenge.
What is the solution to the Ransomware challenge?
a. Having a good and timely backup: when your data is encrypted and you are being asked for ransom, you will have to pay the money until and unless you have a backup. As a healthcare organization, you need to have a good backup plan and strategy to mitigate any such disaster.
b. Preventive strategy, training employees to not to fall in the trap: The malware to spread needs a vector. Often this vector can be an email and luring the person to click. If your employees know what not to click, than you have a better chance of surviving the looming challenge. Invest in an appropriate training for your employees.
c. Legal Aspect: If you are ever affected with ransomware, you will be asked to pay in bitcoins. A bitcoin is a non-traceable crypto currency. Hence, it makes it easy for the criminals to collect the money. However, as we write this article, buying and selling of bitcoins is not considered legal in India. If you can report the instance to the authorities, it is possible for them to investigate it further and hopefully they can come up with a legal action or build policies around this topic to safeguard the interest of businesses.
Stay alert, really and virtually!!