Sunday, January 28, 2018

Backup. It is not for prevention, it is for recovery.

Moments after I finished teaching an introductory course on cybersecurity and protection, I came across an article about US hospital administrators who, after a ransomware attack, preferred to pay the money (over $50,000) rather than use backups to restore their IT capabilities. I tend to believe that they tested the possibility of recovering from backups; paying the ransom seems to have been the quickest solution for a life-saving organization to get back to normal.

I took advantage of the article, which was published just in time for a final quiz, and gave my students some questions for a paper to be written on that subject.

Beyond the usual questions of "What is ransomware, how can I prevent it, how can I recover from such a cyber incident?", I was interested in knowing what my students were thinking, so I asked, "How would you work if you were the cyber managers in the organization?" You could see who read the article diligently and who merely looked at it. The answers ranged from "I would never pay a ransom" to an in-depth analysis of the dilemmas of the hospital's director of security and risk management.

Of course, I also asked how to prevent a similar infection from re-entering the hospital network. The report states that the infection was carried out over RDP after scanning for open ports and "guessing passwords", and therefore I expected (and was not disappointed in most cases) to see references to disabling RDP or changing its default port; strengthening passwords; and using IDS/IPS technology to identify and block port scanning and password guessing from a remote station.


One thing bothered me while reading most of the answers and after cross-referencing the bibliographic sources: there are those who treat data backup processes as part of the prevention process and not as the beginning of the rehabilitation process.

The article that started it is here. If you have got that ransomware, you can try fighting it here.

