Ready For Triple Extortion Ransomware?

Back in the old days (last year and earlier) we in the cybersecurity industry were preparing for ransomware – which is hacker software that modifies your computer files in a specific way (encrypts them). The only way to decrypt and get your files back is to pay the ransom.

So what is going on today? Here is the Threatpost story:

Ransomware’s New Swindle: Triple Extortion

Unfortunately, a psychotherapy clinic was breached and the clinic paid the ransom. Then the patients were threatened with a ransom demand so that their patient notes would not be released (the hackers have all of the patients' data, including contact data). Third, the business associates were threatened with a ransom over the data that was stolen.

Basically, for any data that was on the computers, the hackers thought about who they could ransom with it and tried, to see if they could get some Bitcoin.

  1. The data on the computers was ransomed (paid by the clinic).
  2. The patients were contacted and threatened with public release of their information.
  3. Third-party associates (vendors or others in the data) were ransomed over the public release of their information as well.

Interesting to me is the angle of the 3rd party and patient ransom.

Thus, before they ransomed the data, they copied it to their own computers, and now they are mining it for ways to make more money.

The capacity of hackers to find new ways to make money is always interesting to me. It is one of the reasons the cybersecurity industry has so many headaches, since it requires updates to software or new products to solve.

Unrealized extortion threats in your data have been discussed.

Fortunately there are ways for you to prevent getting ransomware.

  1. Update/patch systems as much as possible (after testing the update)
  2. Install software that does not allow changes to be made to desktop computers
  3. Social Engineering testing and training.
  4. Security Policy writing with risk assessments and more.
  5. Back up your IT and test the backup.

 

The above 5 are just the beginning, as there must be many pieces to the security policy, and there is no order to them until you decide to review risk management. I.e., No. 5 may or may not be more important than No. 2. The problem with No. 5 is that it must be tested, and that takes time.

Are you going to cut corners? Save money here and there?

If you do not have a valid backup and you try to restore, what is the use?

If the hackers can install their software because you did not patch one system because it could not be rebooted…  Now what?

You have to accomplish it all and it has to be part of a routine. #Cybersecurity is important and

Is this what you want your industry to be known for? Darkreading.com story:

{“There’s potentially an incredible return on investment from enterprises in the industrial sectors, specifically those involved with energy and petroleum, who need the availability and would likely be more apt to pay to not lose services or regain access quickly,” Nikkel says. Further, secondary effects of an attack may cause physical damage companies want to avoid.

Within the industrial space, however, are some areas that are more vulnerable. Pipeline security is “far behind” the security of other energy sectors, such as upstream and downstream oil and gas, and electric utilities. A common gap in the pipeline industry is lack of segmentation of the pipeline supervisory control and data acquisition (SCADA) networks, which connect the pipeline control center to terminals, pumping stations, remote isolation valves, and tank farms along the pipeline, explains John Cusimano, vice president of aeCyberSolutions.}

 

So the industry made the cardinal mistake of ignoring defense instead of making sure those areas were covered.

It is easy to keep doing things as they were the year before and, in some industries, to focus only on marketing and advertising. But eventually cybersecurity will rear its ugly head and smack you when you thought you had figured out the world.

It is high time for everyone to work on cybersecurity, and in this day and age it is imperative to make it happen.

If you are reading this, take this post and let one of your friends know about this new threat. Sometimes a friend can get through where the news can’t.

Here is where you can buy my book “Too Late You’re Hacked – Defending Small Business’ Computers and Networks”

 
