Late last week significant healthcare institutions - along with telecommunications, government, and education - were crippled by a rapidly spreading ransomware attack.
Unlike more well known data breaches, ransomware attacks are not based on the value of compromised data to those who should not have access to it - for example, selling a list of usernames and passwords, or stolen credit card data. Ransomware attacks exploit the value of the compromised data to those who should have access to it. In some cases last week, holding medical records hostage, demanding a ransom from medical institutions.
After gaining access to a vulnerable system, malicious software is able to encrypt the data on the physical machine, as well as network shares, while at the same time attempting to infect other systems on the same network. Once encrypted the files are only accessible to those that have the encryption key. It’s that key these data kidnappers offer to provide - for a price.
The truth is that last week’s ransomware shouldn’t have affected anything.