Ransoms demanded for data


Australian Broadcasting Corporation

Broadcast: 24/10/2012

Reporter: Margot O'Neill

Police are warning about an extortion racket which locks up data on computers and then demands thousands of dollars to release the information.

Disturbing - and it was always going to happen which is the really disturbing aspect. What we do with our own PCs is one thing but we have no (direct) control over the quality of the security of our service providers. Is it getting to the point where, as well as reasonable assurances (mostly through regulation) as to trade and professional qualifications and indemnity, we need also to be looking at their data integrity, security and recovery certification? Shades of the self-inflicted/delinquent Y2K nonsense, except this time the risk is real and external.

What's rather new about this is the "leveraging" of the whole thing by attacking (amongst other things) medical records. Potentially that puts lives at risk.

It is copycatting the recent(ish) trend in the USA where, no coincidence, there is a concerted push to digitise medical records at the enterprise/practice level (and to share them with other, duly authorised, practitioners - "health information exchange", with a primary benefit of potentially/logically improving care and reducing iatrogenesis or inappropriate treatment risks when patients move from practitioner to hospital care or between practitioners). THEN hacks on the medical records, followed at exactly the same pace, using established but evolving plans and methods, more lately combining the proven "ransom" strategy, one which "keeps on giving" because the source data may ALSO be mined by the perpetrators or their clients for other purposes including blackmail.

Undoubtedly numerous gangs operating but generally rather more sophisticated than the average exploit and hack attempt that "only" copies data and/or leaves behind varying degrees of simple damage and/or leaves additional malware infestation and vectors.

