how to not be a victim of ransomware

How To Not Be A Victim Of Ransomware The thoughtful integration of - PowerPoint PPT Presentation



  1. How To Not Be A Victim Of Ransomware The thoughtful integration of healthcare and technology

  2. Agenda • How Healthcare IT Differs From General IT • The Growing Threat of Ransomware • What You Can Do Today To Protect Your Business

  3. How Healthcare IT Differs From General IT • Mobile Providers • Labor Intensive + Technology Dependent • ePHI: Top Target For Cyber Criminals • Heavily Regulated • Over 40% of breaches caused by Business Associates

  4. The Growing Threat of Ransomware

  5. Cybersecurity threats • The Ponemon Institute reported that: of SMBs were victims of a cybersecurity attack in 2016. Data breach cost now averages per healthcare record. • The Wall Street Journal reported that: of ransomware victims pay to regain their data. were not able to fully restore their company’s computer data. • Ransomware’s Growing Threat to Small Businesses

  6. MORE RANSOMWARE ATTACKS REPORTED TO AUTHORITIES BY SMBs: LESS THAN 1 IN 3 ATTACKS ARE REPORTED TO THE AUTHORITIES, A MARKED IMPROVEMENT FROM 1 IN 4 ATTACKS REPORTED IN 2016.

  7. The bad actors are not a monolithic group. Often defenders treat all bad actors the same. Tools, techniques, motivations, and business models vary by cybercriminal region.
     • Non-Professional: Non-professional cybercriminals. Use crime kits to make spending money. Little to no business or technical expertise. Even though they are not professional, their impact can be significant.
     • Grayhats: They believe they are offering legitimate services. However, their customers can be both “legitimate” or criminal. Run as a business.
     • Blackhats: Treat cybercrime as a business. Business and technical expertise. Often work in a closed group of other professional cybercriminals. Criminal reputation is everything.
     • State Sponsored: National security and/or economic motivation. Technical expertise. Work in a closed group of other professionals. Often use Blackhat resources and/or techniques to mask their identity.
     • Hacktivists: Individuals or groups who hack for a social cause, without economic motivation. Have both technical people and followers.

  8. Cybercrime as a Service (CaaS): It has never been easier for new entrants into the market. Example of crimekits and services.

  9. “Everything that was lost is gone,” the chief said. “Our automatic backup started after the infection, so it just backed up infected files.”

  10. Kentucky Methodist Hospital • Chino Valley Medical Center • Desert Valley Hospital, California • Hollywood Presbyterian Medical Center • MedStar Health, Maryland/Washington, DC

  11. Sample Spear Phishing Attack

  12. Cybercrime Crosses Into The Physical World and scales down to Small Businesses and Consumers • Social engineering is being combined with cyber attacks to increase effectiveness. • In many regions, it is becoming socially acceptable to steal from victims on the Internet

  13. FOR SMBs… THE RANSOM ISN’T WHAT BREAKS THE BANK. Q: If ransom was requested, how much (on average)? • 25%: $100-500 • 47%: $501-2,000 • 17%: $2,001-5,000 • 7%: $5,001-10,000 • 2%: $10,001-15,000 • 1%: $15,001-20,000 • 1%: $20,001+ • 47% report the ransom requested is TYPICALLY between $500 AND $2,000. • TOTAL RANSOM PAID BY SMBs TO RANSOMWARE HACKERS*: $301 MILLION. *Between Q2 2016 and Q2 2017

  14. LESS SMBs ARE PAYING CYBER CRIMINALS THE RANSOM. IN 2017, 35% REPORT SMBs PAID THE RANSOM, WHICH IS SIGNIFICANTLY LESS THAN IN 2016. • 2016: 41% • 2017: 35% • OF THOSE THAT PAID THE RANSOM, 15% NEVER RECOVERED THE DATA. • GEO TREND: In the UK alone, 21% of SMBs who paid the ransom never recovered the data.

  15. How much did it cost… They did NOT pay the $73k in ransom because they had proper backups. However… they did NOT have a continuity solution. • Down 2 days (Friday & Saturday) • 735,000 rides a day offered for free • $2.25 per ride • Lost $3.3 million

  16. What You Can Do Today To Protect Your Business

  17. 25 Most Common Passwords of Last Year: #1 -> 123456 • #2 -> 123456789 • #3 -> qwerty • #4 -> 12345678 • #5 -> 111111 • #6 -> 1234567890 • #7 -> 1234567 • #8 -> password • #9 -> 123123 • #10 -> 987654321 • #11 -> qwertyuiop • #12 -> mynoob • #13 -> 123321 • #14 -> 666666 • #15 -> 18atcskd2w • #16 -> 7777777 • #17 -> 1q2w3e4r • #18 -> 654321 • #19 -> 555555 • #20 -> 3rjs1la7qe • #21 -> google • #22 -> 1q2w3e4r5t • #23 -> 123qwe • #24 -> zxcvbnm • #25 -> 1q2w3e

  18. 15 Ways To Protect Your Business Guide

  19. Next Steps 1. Versioned Offsite Backup 2. Train Your Staff 3. Get Advanced Email Threat Protection

  20. The Protection Package: Do you have onsite data that is either not being backed up or that may be getting backed up but with outdated technology? • 15 Ways To Protect Your Business from Ransomware • US Medical IT Health IT Check • Risk Analysis • Microsoft Sponsorship: $1,500, Only 5 Slots Available • Free • 30% Off Our $1,500 Ransomware Protection Program • www.usmedicalit.com/protect

  21. www.usmedicalit.com Thank You
