Home » cyber security » 3 Tips for Avoiding Data Hostage Situations

3 Tips for Avoiding Data Hostage Situations

At the start of the year, Lunarline predicted that ransomware would be among the top cyber security concerns for 2016. This long-standing threat – in which a hacker takes system resources hostage and demands a fee to regain access – is rapidly becoming more popular. This is a part of a larger, concerning trend in which yesterday’s hacking methods are still effective against private networks.

Ransomware made national headlines in February when Hollywood Presbyterian Medical Center paid hackers $17,000 to re-instate system access to stop an attack. That was only a fraction of the $3.6 million that cyber criminals initially demanded, but that’s still a pure loss. And the total cost of recovery from the breach – which is not yet reported – is sure to be significantly higher.

The public may be concerned about attackers’ ability to circumvent Hollywood Presbyterian’s cyber defenses. Thus, in addition to recovery efforts and cyber defense improvements, the hospital may face the substantial costs involved with reputational damage control and restoring public trust.

Organizations should understand that ransomware is a real threat that can cause serious damage above and beyond the fees demanded by hackers. To address the issue, organizations should evaluate and strengthen a number of capabilities, including:

1.Penetration Testing

Hackers often focus their ransomware attacks on specific targets rather than deploying them randomly. Companies should complement their vulnerability scan with in-depth penetration testing to locate potential exploits before hackers do.

2. Incident Response

Hollywood Presbyterian made some missteps in responding to their ransomware issue, including treating it as a random hack with no bearing on its data systems. How your organization responds to such an attack makes a big difference in mitigating direct and indirect damages.

3. Malware Assessment

Sophisticated malware can go undetected in your systems for some time before causing an incident. To combat these threats, you need quality detection tools driven by active, up-to-date intelligence. You also need to make malware reports actionable, and for that, you need malware assessment tools that can prioritize threats by linking them to your core assets.

Lunarline has helped organizations of all sizes, across numerous industries and branches of government, address their malware issues and effectively combat ransomware threats. For more information on how we can help you, send us a message online or visit Lunarline.com today.

About Spence Witten

Spence has somehow survived ten years at start-ups and small businesses without suffering a (major) nervous breakdown. As Lunarline's Director of Federal Sales, Spence actually loves working on proposals. If there were any doubt, this is proof that he is in fact certifiably insane. While his title says "Sales" Lunarline doesn't let him off that easy. We make him do real work, too. Luckily he's a recognized subject matter expert in security policy and loves helping clients navigate their way around tricky security compliance standards. He's also been known to lead a software development initiative or two, though that pretty much always ends poorly for everyone involved. He can be reached at spence.witten@lunarline.com.