Tuesday, January 29, 2019

Dharma Ransomware Attack - Week 8


A ransomware attack is one of the most critical security breaches.  Here is some general information about ransomware.

  • It infects computers when a user clicks an unsafe link or downloads an unsafe program. These can arrive through e-mails, torrents, botnets, or other forms of transmission.
  • Ransomware can’t be removed even when the computer’s owner flashes the BIOS, wipes the drive, or attempts to return to a prior restore point.
  • Ransomware often locks down user files and then makes a ransom demand, while a unique decryption key is created and stored on the hacker’s servers. “If the ransom is not paid in time, or if any attempt to alter the program directly is made, the decryption key is permanently deleted, rendering all encrypted files inaccessible. If the ransom is paid in time, the decryption key is transferred and the files will be decrypted” (Alvarez, 2019).


In December 2018, the Phobos ransomware exploited open or poorly secured Remote Desktop Protocol (RDP) ports.  It snuck inside networks, encrypted files, and demanded a ransom, paid in bitcoin, for returning the files.  The ransomware was created by Dubbed Phobos, a group that people believe also created the Dharma ransomware.  “Phobos also contains elements of CrySiS ransomware — also related to Dharma — with anti-virus software detecting Phobos as CrySiS. The ransomware's file markers also differentiate it from Dharma. However, the attack methods and threat remain the same” (Palmer, 2019).  Because the attack methods are so similar, the researchers believed that the Phobos ransomware was just a modification of the Dharma ransomware.

The Dharma ransomware attack happened on September 3, 2018, which was about 3 months before the Phobos ransomware.  Dharma ransomware hit the Altus Baytown Hospital (ABH).  It snuck into the ABH network with malicious code and infected the hospital's systems.  The Dharma ransomware was able to encrypt files and then demanded a ransom payment in return for access.  The files “included files containing patient information such as names, home addresses, dates of birth, social security numbers, driver license numbers, credit card information, phone numbers, and medical data” (Osborne, 2018).

The world will continue to deal with more data breaches and cyber attacks.  Therefore, it is each business’s responsibility to prepare for and protect itself against all possible security issues.  Building and maintaining a strong security network costs a business quite a bit of money and effort.  If companies don’t have enough funds for security, they can go with the following options:

1.    Cloud solution: These are services that provide computing resources for a business.  They include everything from applications to the data center, and the security of the cloud network is designed and secured by the best security experts.  The service is delivered mainly over the internet on a pay-for-use basis.

2.    Pay-as-you-go model: “One major benefit of the pay-as-you-go method is that there are no wasted resources, since users only pay for services procured, rather than provisioning for a certain amount of resources that may or may not be used. With traditional enterprise design, users architect data storage to handle the maximum workload. But with the public cloud, the pay-as-you-go method allows you to be charged only for what you store” (Rouse, 2015).


Reference:
Alvarez.  (2019).  Ransomware – What Is It and What Is Its impact.  Retrieved from https://www.alvareztg.com/ransomware-what-is-it-and-what-is-its-impact/
Osborne, C.  (2018, Nov 19).  Texas hospital becomes victim of Dharma ransomware.  Retrieved from https://www.zdnet.com/article/texas-hospital-becomes-victim-of-ransomware-patient-data-potentially-leaked/
Palmer, D.  (2019, Jan 21).  New Phobos ransomware exploits weak security to hit targets around the world.  Retrieved from https://www.zdnet.com/article/new-phobos-ransomware-exploits-weak-security-to-hit-targets-around-the-world/

Rouse, M.  (2015).  Pay-as-you-go cloud computing (PAYG cloud computing).  Retrieved from https://searchstorage.techtarget.com/definition/pay-as-you-go-cloud-computing-PAYG-cloud-computing
