Cybersecurity and business risk professionals have watched ransomware evolve from a minor nuisance to a major threat capable of holding multiple systems at risk. Evidence of the rapidly evolving ransomware threat now includes an ongoing attack against Hollywood Presbyterian Medical Center in Los Angeles. The attack was so bad the hospital has had its operations disrupted. Many patients had to be moved to other facilities and even emergency rooms were impacted.
For more details on the attack see this NBC Los Angles Report
Having seen organizations suffer from this sort of attack I can tell you it is never pretty. Depending on the variety of ransomware (the most common is CryptoWall) it can be very hard to remove, especially since it replicates itself to any drive or media attached to the computer it first landed in.
How does the ransomware usually get in? This is a good question. The typical organization already has firewalls, anti virus solutions, encrypted data solutions, data backups, network monitoring and security information management tools to hold data on how all that is working. Most will also have in place user training programs. But still the malware gets in. This may be the most important point. The malware gets in. You can block and patch and try your hardest to prevent, but the bad guys will innovate and eventually malware gets in.
Which leads to this advice:
- Work hard to prevent ransomware and other malware attacks by using best practices, and have your approach validated by an external assessment
- But understand that this is an evolving threat, and eventually malware will get in
- So, prepare for breach, design for containment, and design for rapid recovery.
- And stay agile. Remember the threat will evolve.
Speaking of threats, we recommend every enterprise executive make use of our daily Threat Brief, a product capturing the latest on strategic cyber threats in a quick to digest newsletter. The strategic warning we provide there will help you better prepare against the dynamic threat.
