Think
of the most important institutions that store your data and would suffer the
most if this data became compromised. You would probably think that these
institutions would have the latest and greatest cyber security and be proactive
in preventing attacks on their pivotal confidential data. However, places like
hospitals, police stations, and fire departments often don’t have the best
cybersecurity and have found themselves in the crosshairs of hackers. A type of
cyberattack known as “Ransomware” has the unsuspecting operator download a file
or open an attachment that then encrypts their entire hard drive and demands a
payment in order to access their data again. The creation of the bitcoin in
2009, which allows users to be paid untraceable and anonymously has caused a
resurgence of ransomware attacks, despite the software being around since the
1980s. In 2014, ransomware attacks rose 113% and are only expected to become
more prevalent (Sneed). By asking people for a small sum of several hundred
dollars within a fixed time or else all of their data will be erased, hackers
have been rather successful as people don’t want to see all of their hard work,
memories, music, important career information, etc. be erased in the blink of
an eye. The hackers who utilize this technology have found a “sweet spot” of
around $10,000 for businesses which is small enough that the attacks don’t
receive national news or FBI intervention, but will amount to millions of
dollars when many locations are attacked.
The
reason these high profile institutions such as hospitals are attacked more
heavily than a local business, is because the data is much more critical to
these organizations and they are more willing to pay. For example, if a fire
department has their computerized dispatch system compromised, they cannot
dispatch personnel to emergency situations, having disastrous consequences. With
more than 3.5 million records compromised in 2016 alone and about 4 breaches
per week in the healthcare sector alone, Ransomware is becoming more lucrative
to hackers and drawing more criminals to this endeavor (Akpan). With all of the
data they house, institutions like hospitals simply can’t upgrade to the latest
and greatest cyber security and are often left operating with outdated systems,
leaving them vulnerable. The worst part of the whole scheme is that the money
obtained in these Ransomware attacks is often funding criminal organizations “tied
up in terrible things like human trafficking” (Sneed).
With
society becoming increasingly dependent on technology, critical infrastructure such
as power grids and dams could be susceptible to attacks. The integration of
technology into infrastructure streamlines many processes and reduces inefficiency
when you can computerize everything, however, it endangers the public if these
systems are compromised from attacks. Looking to the future, the best thing
organizations can do is follow better security practices and most importantly
back up their data. The hacker’s attacks rely on the encrypted data they compromised
being irreplaceable. However, if organizations had extensive backup systems in
place such as on hard drives or cloud “warehouses” the compromised data could
be replaced and operations could continue like normal.
Resources
Akpan, Nsikan. "Hacking Health Care Records Reaches Epidemic Proportions." Scientific American. N.p., 29 Mar. 2016. Web. 30 Mar. 2016.
Sneed, Annie. "The Most Vulnerable Ransomware Targets Are the Institutions We Rely On Most." Scientific American. N.p., 23 Mar. 2016. Web. 30 Mar. 2016.
I think that these kinds of cyber crimes will only continue to increase as the world becomes more dependent on technology. While there certainly are ways for large companies to avoid ransomware, such as having many backups for data, this will not solve the trend. If criminals can no longer convince companies to pay for the decryption of their data, they may simply steal data from corporations, and sell it to competitors for large sums, where they would certainly have a market. In order to combat this problem, I am sure that the cyber security industry will see a great deal of growth. In addition, individuals will need to become better educated in how to protect themselves from these types of viruses or other scams online, as these types of attacks will likely be more common on a household level as well.
ReplyDeleteI think that ransomware is emerging as one of the biggest cyber threats today. Recently we were informed by technology services about ransomware and precautions that we can take after the news that a hospital nearby was attacked. I think it is interesting to compare the growth of ransomware with the emergence of Bitcoin like you stated in your blog. I wonder if there would be a way for Bitcoin to be of help with these attacks. I wonder if they could develop a way to find these attackers demanding money through Bitcoin and block their accounts to help limit the amount of attacks. Like you stated in the article, ransomware has been around since the 1980s and has only recently started to become a serious issue which could be a result of Bitcoin beginning to pick up some traction an allowing these attackers to acquire money from the people they are attacking virtually through the internet. Either way, I think that we need to take ransomware seriously and take the necessary precautions to ensure the security of our data.
ReplyDeleteI believe that ransomware and all forms of security penetration are very interesting. Its amazing to consider that programmers must not only ensure that their programs work but also that nobody will try and break them on purpose. Security will never be perfect and people will try and profit off of this as long as there's a way to make money. I really do feel that a lot of the time its a vulnerability in a particular service that can even detriment other unrelated services. Say for instance that your servers relied on Amazon for security, if Amazon were ever attacked that would also leave your service vulnerable to attackers. In the case of ransomware I feel this to be particularly bothersome though because no information is being stolen. Usually it will only be for the money. I hate to say it but the only real way to protect yourself is to back up your data everyday. Its not going to stop the attacks from happening but surely it will save the hassle of trying to recover your data. Backups do not really take a long period of time and people should only be syncing important files, not any re-downladable programs.
ReplyDelete