Latest Insidious Variations On Ransomware Attacks

One new strategy targets healthcare organizations by sending practitioners – doctors and nurses – authentic-looking files that include such things as ultrasound images or other medical documents, as part of a “consultation” or request for one. As reported in Krebs on Security, the scammers are sophisticated enough to have figured out, for example, that cirrhosis or fibrosis of the liver would be a more likely candidate for remote diagnosis than cardiovascular problems. That observation comes from a cybersecurity company official, quoted in the Krebs article, who says his team learned about this after gaining access to some ransomware gang internal discussions. “Basically” he says, “they’re counting on doctors or nurses reviewing the patient’s chart and scans just before the appointment.”

Another novel strategy involves inserting messages into executive email boxes, to make it appear they are planning a big stock trading move based on non-public information. The trap is sprung by way of a threat to release the emails. Details on this strategy were also obtained by the cybersecurity company’s successful penetration of a ransomware gang’s system. One gang member is said to have talked up this strategy to a colleague by noting that under federal law these guys could get up to 20 years in prison.

The Krebs post concludes with some not un-familiar cybersecurity best practices, regarding such things as passwords, security patches, encryption, multi-factor authentication and employee training. But Krebs also points out a disturbing  issue regarding backups, one that many companies have never thought about or rehearsed and that would be a real challenge to address. -Today’s General Counsel/DR