Ransomware Bites Dental Data Backup Firm Article Discussion
Post #1 (Waleed)
The article I will explore in this week’s post is titled “Ransomware Bites Dental Data Backup Firm”. The article was published on August 29, 2019 in the KrebsinSecurtywebsite the and can be accessed at https://krebsonsecurity.com/2019/08/ransomware-bit…
The article presents a very recent cyber-security case in which a Wisconsin-based PerCSoft Company which provides data backup services for dental care providers across the United States was hit by a ransomware attack that resulted in capture of large volumes of its clients’ data. The company provides backup services for medical records through the cloud-based Digital Dental Solution (DDS) Safe. The ransomware encrypted approximately 400 dental records. It is not clear whether PerCSoft had already paid for the ransom as some of the captured files had already been restored at the time the article was published. However it is suspected that PerCSoft had made undisclosed amounts as ransom. The article highlights that attackers are currently most interested in cloud data as well as backup services to launch ransomware. Some of the recent entities to experience similar attacks include QuickBooks cloud hosting subsidiary iNSYNQ as well as Apex Human Capital Management.
What is interesting about ransomware attacks as presented in this article is the sought of dilemma that target institutions find themselves into whenever an attack is executed. On one side, there is the need to safeguard their business from legal actions that their clients can take for denial of access to services as required.Therefore, paying the ransoms comes as a cheaper option than not paying. On the other hand, there is need to comply with directives with investigation agencies such as the FBI that discourages company from paying ransom. Oftentimes, companies find themselves paying the ransom which is probably a better evil. However, failure to allow investigations to identify the perpetrators means that the firms remain exposed to more ransomware attacks in the future. An article by March Goodman titled “Good tech, Bad tech” talks about the ever growing cyber securityconcerns even as technology continue being a solution to most challenges facing humanity today. Goodman observes that every advancement in digital technology is being followed by attempts by attackers to circumvent its defenses in order to carry out malicious activities. Basically, Goodman observes that the technology that has presented numerous benefits to the society is also exposing them vulnerable to cybercriminals. Firms in the financial sector are also primary targets as attackers are usually motivated by monetary gains from ransom or sale of the captured data to other firms.
The threat of cyber-attacks is constantly changing. We find that the playground for attackers in widening as the world is becoming more and more connected. The explosion of Internet of Things (IoT) is making almost everything an avenue for hackers to launch attacks. We also find that although money is one of the motivating factors for attackers to launch attacks, there are also other factors related to interstate cyber conflicts. This is clearly disused in the book by Valeriano and Maness. These authors argue that a majority of cyber actions being witnessed today are closely linked with international relationships between countries. Countries such as the United States are considering cyber threat as a priority concern and more serious compared to terrorism and nuclear wars. Linking this with the article we find that some attacks even those targeting private firms could be sponsored by external state actors as a form of rivalry between states or region.
Summary of the Article
The article A Safer IoT Future Must Be a Joint Effort by Rauscher focuses on the importance of cybersecurity. The report highlights measures of prevention, such as the passing of IoT cybersecurity movement act to safeguard internet devices (Rauscher, 2019). The bill focused on providing internal security features and ensuring data collected is protected. The article also questions the longevity of the devices and the ability of users (manufactures) to give alerts on time (Rauscher, 2019). The author also emphasis on the need to enact future legislation that prohibits early hacking because internet threats continue to grow as technology develops. The author also points the need to share knowledge with other experts to enhance cybersecurity and protection of IoT devices (Rauscher, 2019).
Relation to Week Readings
As described in the article, cybersecurity is essential to safeguard the devices used. As stated in the reading “Cyber-securityThe lessons of Equihack,” prevention and disaster recovery approaches would be crucial to minimize the number of hacks since the nature of cyber threats is changing. The article also highlights that the best practice is to ensure data protection. As stated by Cooke (2017), there is a need to ensure default credentials are reset before use to ensure data protection. As described in the article, knowledge sharing is essential to have a joint approach to cybersecurity. As stated by The Economist (2015), crowdsourcing and sharing know-how is necessary to prevent future cybercrimes by terrorists. In the article, the author focuses on the need for prevention and planning and passing future legislation to avoid more risks in the future. This is related to the argument that there is need to plan for a threat spectrum in the future in the face terrorist realizing that cybercrime is effective for exploitation as in chapter six Valeriano, and Maness, (2015). This calls for strong policies to minimize the number of hacks. Also, as stated by Reveron, (2012) in chapter four, the prevention of cybercrimes is essential since it helps in minimizing state-state conflicts.
Cooke, A. (2017, Jul). Preventing the Internet of things into Cyber Arsenal.
Rauscher, S. (2019, Sep 9). A Safer IoT Future Must Be a Joint Effort. Retrieved from https://www.darkreading.com/risk/a-safer-iot-future-must-be-a-joint-effort/a/d- id/1335813
Reveron, D. S. (Ed.). (2012). Cyberspace and national security: threats, opportunities, and power in a virtual world. Georgetown University Press.
The Economist. (2015, Feb 21). Cyber-security. Good tech, bad tech: Why people need to wise up about what smart criminals are working on.
Valeriano, B., & Maness, R. C. (2015). Cyberwar versus cyber realities: cyber conflict in the international system. Oxford University Press, USA.