Wednesday, December 30, 2020

Ransomware May Get Worse in 2021


I love the website ZD Net.  As a techie, I've been reading their stuff for a long, long time.  It's well written and insightful stuff.

A recent article I read there gives a good view of where Ransomware is headed in the year about to start.  As most people now know, the scourge of Ransomware isn't going to go away any time soon and the criminals behind it continue to evolve the problems it can cause.

One of the latest problems has been criminals stealing data before encrypting it.  The hackers then threaten the victim to not only pay to decrypt their data, but if they refuse to pay, the criminals threaten to release confidential stolen data to the world at large.

Of course this can be a huge problem for any company, but especially those in healthcare who also have to worry about data security due to HIPAA.  A small dental practice hit with something like this could easily be fined large amounts by the federal government as well as having to pay the ransom.

ZD Net is now voicing concerns about perhaps the next "step up" in Ransomware, moving it to the cloud.  Broadband has become so ubiquitous that "the network is now the computer".  This has allowed many companies to move tons of their computer processing into the realm of the cloud.  However, the problem with the cloud & Ransomware is one of scale.  If bad guys manage to infect a cloud server, they could theoretically then infect everyone with access to that cloud server.  This could create an infection on a logarithmic scale.  One cloud infection mighty very well create an infection of multiple systems.

Last year, there was a similar type of situation where dental software providers had installed on client office computers a program that allowed the software companies to access the dental office computers remotely.  The idea was that if there was a problem, the software provider could immediately access the problem computer and fix it.

However, the software companies themselves became infected by Ransomware, which then used the remote access programs to infect and encrypt the remote computers in 400 dental offices.  It took several days to get things straightened out.

Now imagine if a huge SAAS type company was similarly infected.  It could be a nightmare.  This could especially be a huge problem if this occurred in hospitals.

The worst part of this is that clients currently have a difficult time with backing up SAAS systems (at least that I'm aware of).  A pristine backup that is timely is currently the best way to fight the scourge of Ransomware, but if you cannot get a backup, things get dicey.

For the full story from ZD Net, here is the link.  

No comments:

Post a Comment