IT Support and Hardware for Clinics
32.7K views | +1 today
Follow
IT Support and Hardware for Clinics
News, Information and Updates on Hardware and IT Tools to help improve your Medical practice
Your new post is loading...
Your new post is loading...
Scoop.it!

Ransomware Attacks' New Focus: Businesses

Ransomware Attacks' New Focus: Businesses | IT Support and Hardware for Clinics | Scoop.it

Ransomware attacks are getting more agile, varied and widespread, and are increasingly taking aim at businesses of all sizes in all sectors, rather than consumers.

These attacks involve two-part schemes. First, a device is infected with malware that locks the user out or encrypts files so that the user can longer access them. Then a ransom is demanded through an automated message that appears on the device's screen. The user is told he has a limited amount of time to pay the ransom before the device will be wiped clean or the files will be erased.

In recent weeks, three reports from security firms and researchers have noted new ransomware scheme trends that are making these attacks more difficult to thwart and detect.

As a result, experts say businesses need to focus more attention on employee education about how to avoid falling victim to these attacks and other socially engineered schemes.

New Attacks

On March 2, security firm FireEye warned that hundreds of websites may have been exposed to "malvertisements" - ads containing ransomware - via criminals' abuse of ad networks that use real-time bidding.

"Real-time bidding is an ad sale and delivery system that allows for instant, autonomous ad auctions at the time the ads are served," FireEye says. "A number of buyers set up bids ahead of time for a certain amount of ad impressions (i.e., page loads) on pre-selected sites and certain target demographic characteristics. When a user requests an ad, the ad exchange awards the highest bidder who has an active bid on advertising matching the incoming user's demographic profile. As a result, the auction winner's ad is displayed."

In another recently released report, anti-virus provider Bitdefender noted that cybercriminals were using help files as a way of infecting devices with a variant of the ransomware known as CryptoWall. Attackers sent malicious emails with the subject "Incoming Fax Report" that contained help files with a compiled HTML extensions, Bitdefender noted. When users opened the files, they were presented with a help window that automatically downloaded CryptoWall in the background.

In a third report, released March 6, a French malware researcher known as Kafeine said he discovered what at first appeared to be a new version of the ransomware known as TorrentLocker, but was later determined to be new malware. This is concerning, researchers say, because it proves how quickly hackers are adapting by developing entirely new malware strains that evade current detection mechanisms.

The Evolution of Ransomware

"Ransomware is flourishing as the criminal community appreciates its viability and the ease by which ransomware can be shared," says Tom Kellermann, chief cybersecurity officer at security firm Trend Micro. "The most troubling evolution is the migration to mobile ransomware.

In May 2014, security researchers warned of a new type of ransomware attack taking aim at employees and customers of banking institutions in Europe. The attack was being spread to mobile devices through the banking Trojan known as Svpeng (see New Ransomware Targets Mobile).

Today, attacks waged against Windows and Android operating systems have continued to spread.

"There is a lot of momentum behind ransomware and we do expect it to be a continuing issue throughout the rest of this year and beyond," says John Miller, manager of the Cyber Crime Threat Scape at cyber-intelligence firm iSIGHT Partners. "Law enforcement in different countries can help educate residents about the threats," which are designed for targeted global markets based on language and payments habits, he explains.

But it's up to individual companies to educate their own employees about how to identify a ransomware attack before becoming victimized, Miller adds.

Why Ransomware Is So Dangerous

Rather than targeting home-users' files, as was common in 2012 and 2013, attacks emerging in late 2014 started targeting business assets by encrypting enterprise database files and shared storage systems, says Jeff Horne, vice president of the security firm Accuvant.

"This is extremely dangerous to an enterprise network, as it could potentially destroy a business if offline backups haven't been stored," Horne says. "The real issue is the encryption that is being utilized, more often than not, cannot be broken with today's computers. Therefore, when these files are locked, if the ransom isn't paid, the files are gone until computers can break the encryption."

Another danger, he says, is that hackers sometimes collect the ransom but never unencrypt the data, making it virtually useless to the business.

Randy Abrams, research director for cyberthreat intelligence firm NSS Labs, malware strains used in ransomware attacks are getting stealthier. And like Horne, he says the encryption hackers are using to lock files is getting harder to break.

"Older ransomware used cryptographic techniques that could be cracked," Abrams says. "This currently is no longer the case."

Ransomware can be devastating to victims who have no back-ups or who don't back up to local or network-connected drives, he says. "Online backup services, such as Carbonite, are very useful. But users must be certain that file types are also backed up."

A Growing Threat

The use of ransomware is spreading because the attacks make good business sense for cybercriminals because they can reap big payouts, iSIGHT's Miller says. "Windows ransomware is all over the place," he says. "It's very effective and very popular."

Cryptolocker was the first type of ransomware that got attention, Miller points out, "and criminals' observations of the damage that Cryptolocker was doing made them realize how profitable ransomware could be."

Today's attackers, who range from organized cybercrime rings to nation-states, are selling ransomware using sophisticated business models, says Peter Tran, general manager and senior director of security firm RSA's global advanced cyber-defense practice.

"The hacker distribution techniques and ecosystem are run like a business," Tran says. "The development, buying, selling, trading and distribution creates micro-economies that scale very quickly for both cybercriminals and nation-state attackers. This is a global network much like the open-source software developer communities, where software can be developed very quickly and with greater capacity than closed, proprietary development."

Also, most of the malware strains used in these attacks are evading detection by anti-virus programs, he adds.

"In the past 12 months, over 300 million malware samples have been reported in circulation, many of which are modifications of existing variants, but many are unique," Tran says. "The sheer scale is overwhelming."


more...
No comment yet.
Scoop.it!

New Federal Health IT Strategic Plan -

New Federal Health IT Strategic Plan - | IT Support and Hardware for Clinics | Scoop.it

Following collaboration with more than 35 federal agencies, the U.S. Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology (ONC) today issued the Federal Health IT Strategic Plan 2015-2020.

The Strategic Plan represents a coordinated and focused effort to appropriately collect, share, and use interoperable health information to improve health care, individual, community and public health, and advance research across the federal government and in collaboration with private industry.

The Strategic Plan, which is open for comments, serves as the broad federal strategy setting the context and framing the Nationwide Interoperability Roadmap that will be released in early 2015. The Nationwide Interoperability Roadmap will help to define the implementation of how the federal government and private sector will approach sharing health information.

The U.S. Government has led this charge as a major payer, purchaser and provider of care and associated health IT and through programs associated with the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009. HITECH accelerated the adoption of certified electronic health record (EHR) technology among hospitals and providers, with 93 percent of eligible hospitals and 76 percent of physicians and eligible professionals taking part in the first stage of the Medicare and Medicaid EHR Incentive Programs. In addition, more than 150,000 health care providers across the nation are working with the HITECH-funded regional extension centers to optimize the use of health IT.

“The 2015 Strategic Plan provides the federal government a strategy to move beyond health care to improve health, use health IT beyond EHRs, and use policy and incentive levers beyond the incentive programs,” said Karen DeSalvo, M.D., national coordinator for health IT and acting assistant secretary for health. “The success of this plan is also dependent upon insights from public and private stakeholders and we encourage their comments.”

“We are very pleased to be collaborating with Health and Human Services, and our other federal partners, on developing the Federal Health IT Strategic Plan. This plan aligns with our health IT priorities. As a large provider and purchaser of care, we continually look for ways to expand the sharing of critical healthcare information with our healthcare partners,” said Karen S. Guice, M.D., M.P.P., principal deputy assistant secretary of defense for health affairs, Department of Defense.

“The Federal Health IT Strategic Plan collectively represents specific goals and strategies for how interoperability will be leveraged to foster the technological advancement of health information exchange to improve quality of care for Veterans while supporting patient-provider interaction,” said Gail Graham, deputy secretary for health informatics and analytics at the Department of Veterans Affairs, Veterans Health Administration, Office of Health Information.

Beyond creating financial and regulatory incentives to encourage the use of health IT, the federal government is helping to create a competitive and innovative marketplace. This effort will help bring new tools to health IT consumers and provide tools to help strengthen health care delivery that aligns with other national strategies to improve health including safety, quality, prevention, and reducing disparities.

The Federal Health IT Strategic Plan 2015-2020 can be found on HealthIT.gov. The period to comment on the Strategic Plan ends Feb. 6, 2015.

Today’s data brief found that the ability to easily share electronic information with other care givers, an important component of chronic care management, is also a major motivation for physicians to adopt EHRs. Among physicians who adopted health IT before incentive funds were available, the ability to electronically exchange clinical information with other health care providers was the greatest motivator for adoption. More than a third of physicians who adopted EHRs after HITECH was enacted cited this capability as a major influence in their decision to adopt, and almost 4 in 10 physicians who were not using an EHR reported that the ability to electronically exchange clinical information would be a major driver in their decision to adopt.



more...
No comment yet.