Hackers of the Russian variety are holding the Miami Family Medical Centre hostage for $4,000. That's Miami, Queensland (Australia) and not Miami, Florida. That's right, there's a Miami in Australia. As surprising might be the news that encryption software like AlertBoot can be used, not to protect data, but to corrupt it.
The Miami Family Medical Centre has announced that hackers are demanding $4,000 (Australian. That's $4,200 American) to provide the encryption key that will unlock the center's own data. According to spokespeople for the center, they had proper security in place – firewalls, antivirus software, etc. – and believe that in this case the hackers had "literally got in, hijacked the server and then ran their encryption software". "It's people who know how to break in past firewalls and hack passwords to get onto the server. We're trying to work out how to pay the hackers or find someone to decrypt the information." [pulseitmagazine.com.au] Well, I'm sure Mr. Wood doesn't mean "literally got in." But, the rest of the statement sounds par for the course: "ransomware" usually involves hackers infiltrating an organization's network, finding a server with essential data, and encrypting it. Since only the hackers know what the key is, they'll offer it in exchange for money, in this case, $4,000. When you consider that cracking crypto is nearly impossible if strong encryption is used, such as the AES-256 used in AlertBoot's full disk encryption, the $4,000 is almost worth it. Even if the data can be regained via methods other than acquiring the hackers' encryption key, it would probably end up cheaper to pay off the aggressors. On the other hand, if one has daily backups, it might be easier and cheaper to restore the data using these than paying off the extortionists. After all, where's the guarantee that they'll send the key after being paid?
The Miami Family Medical Centre has announced that hackers are demanding $4,000 (Australian. That's $4,200 American) to provide the encryption key that will unlock the center's own data. According to spokespeople for the center, they had proper security in place – firewalls, antivirus software, etc. – and believe that in this case
the hackers had "literally got in, hijacked the server and then ran their encryption software". "It's people who know how to break in past firewalls and hack passwords to get onto the server. We're trying to work out how to pay the hackers or find someone to decrypt the information." [pulseitmagazine.com.au]
the hackers had "literally got in, hijacked the server and then ran their encryption software".
"It's people who know how to break in past firewalls and hack passwords to get onto the server. We're trying to work out how to pay the hackers or find someone to decrypt the information." [pulseitmagazine.com.au]
Well, I'm sure Mr. Wood doesn't mean "literally got in." But, the rest of the statement sounds par for the course: "ransomware" usually involves hackers infiltrating an organization's network, finding a server with essential data, and encrypting it. Since only the hackers know what the key is, they'll offer it in exchange for money, in this case, $4,000.
When you consider that cracking crypto is nearly impossible if strong encryption is used, such as the AES-256 used in AlertBoot's full disk encryption, the $4,000 is almost worth it. Even if the data can be regained via methods other than acquiring the hackers' encryption key, it would probably end up cheaper to pay off the aggressors.
On the other hand, if one has daily backups, it might be easier and cheaper to restore the data using these than paying off the extortionists. After all, where's the guarantee that they'll send the key after being paid?
Many people hear the word "encryption" and assume "data protection." It's not an incorrect reaction to have. After all, one of the best ways to secure data is via the use of good, strong crypto. However, it's not the only method. And, like most tools, it can be used for good or evil. In order to maximize the protection that comes from using encryption, you must also ensure that you have proper backups of the data (which should also be encrypted). Proper backups are necessary not only as a contingency plan for instances where hackers hijack you data, but as an arrangement for all the other things that could happen: your computer gets stolen; your data gets corrupted; your office burns down; etc. In other words, the same reasons why backups for data are a good idea in the first place, with or without encryption. Except, with encryption in place, there's even more of a reason why you should be using it.
Many people hear the word "encryption" and assume "data protection." It's not an incorrect reaction to have. After all, one of the best ways to secure data is via the use of good, strong crypto. However, it's not the only method. And, like most tools, it can be used for good or evil.
In order to maximize the protection that comes from using encryption, you must also ensure that you have proper backups of the data (which should also be encrypted). Proper backups are necessary not only as a contingency plan for instances where hackers hijack you data, but as an arrangement for all the other things that could happen: your computer gets stolen; your data gets corrupted; your office burns down; etc.
In other words, the same reasons why backups for data are a good idea in the first place, with or without encryption. Except, with encryption in place, there's even more of a reason why you should be using it.
Related Articles and Sites:http://www.pulseitmagazine.com.au/index.php?option=com_content&view=article&id=1250:hacked-medical-centre-not-the-first&catid=16:australian-ehealth&Itemid=327http://www.bbc.co.uk/news/technology-20663685http://www.net-security.org/secworld.php?id=14091