Massive Ransomware Infection Computers †MyAssignmenthelp.com

Question: Discuss about the Massive Ransomware Infection Computers Management. Answer: Introduction: Torrance Memorial Medical Center, a California based medical facility suffered a security data breach on 18th and 19th of April 2017. As per them, two email accounts have been hacked which contain reports which are work related and due to the phishing attack they got compromised. The attack led to even stealing of the personal data as well. However, there has been news with regards the misutilization of any data stolen, however this can be no reason for the medical center not taking any steps against the same. As is understood that one of the most methodologies were used for the said attack to be conducted due to which it makes it very clear that the medical centre had failed to take adequate steps to address issues. Unfortunately, phishing is one such campaign which is successful even now, even when it is known by all as to how to safeguard ones systems against this kind of an attack. Thereby it is clear that the individuals even now fail to be extra cautious before accessing there mails and opening attachments from unknown sources (Socal, 2017). On conducting a thorough investigation of the said case, it is concluded that a simple way of hacking i.e. phishing is used by the malicious people to enter into the system of the medical center and hack two prominent email accounts which contained specific work related reports and documents. However, the main issue here is that it is still not known by them whether the stolen data has been used for unscrupulous acts or not (Daily Breeze. 2017). Even if there has been no tampering with the data stolen, yet the theft has occurred of sensitive information such as names, address, date of birth, contact number, medical history of patients, health insurance data and such other information which is categorized as critical Management. The hospital authorities are sending warning letters to all those whose data have been infected thereby ensuring them that they are protected well. However, here the main issue is negligence on the part of the center who have opened up such mails and the attachments within it without taking into the account the senders details and whether the same has been sent from an authorized source or not. Not to forget, hospitals are one of the main places from where one can obtain huge amount of income and the fact that the Torrance memorial became a victim makes it clear of the loose ends available in the existing security panels (NewsBreak Live. 2017). Solutions to Prevent Such Hacks One of the biggest solution to such a kind of problem is to be extra cautious before opening up any mails. Checking up of the sender details is a must specially at such important centers like hospitals. Further to this, crucial, sensitive as well as critical data should be shared not via mails but either personally or via very secured sites which have strong encryption facilities. The system also dialed to have a good spam detector facility and also a firewall installed which should be done immediately. The fact that data has been leaked is a big risk as it can be tampered at any moment. Further to this, Torrance Memorial Medical Center should check on the practice and train the people who are employed to be aware of such unwanted spam. Although they have sent notices to all the patients whose data has been compromised, they have even offered them free credit monitoring as well and individuality robbery shield services for a year (DistilNFO HitTrust Advisory. 2017). Last but not the least, the victims are asked to be watchful as well as cautious with regards such occurrences of robbery and fraud, to keep a check on the bank account and to scrutinize on a timely basis for no-cost credit reports and explanation of benefits forms for apprehensive actions. It clearly shows that the hackers are always active in a dormant manner and find such traps wherein even a single employees casualness can lead to a situation as adverse as this wherein the personal records of various patients are at stake (Davis,2017). One very most important step taken by Torrance Memorial is that th ey had immediately intimated HHS about the occurrence of the said hack which generally various entities avoid to do so. Lastly, all the patients who are intimated about such a hack, should immediately ensure that the bank account details shared with the medical center be informed to the respective banks about the fact that such a tampering has occurred and thereby not to release payments if request come from unauthorized people or such other suspicious people (Massive Media. 2017). Thereby on analyzing the entire case of the said security breach, one can summarize the fact that the staff and the employees of the medical management need adequate training with regards the malicious acts that can occur with the systems and how cautious they are required to be. Opening up of emails without checking the credentials, can be as fatal as this and in turn even lead to occurrence of unwanted events against the patients. Phishing is one of the most way of hacking and Torrance Memorial failing to take precautions against the same is surprising. Adequate updates about spam is a must without which the system would always remain vulnerable to such attacks. The particular case is a perfect example of negligence which has led to happening of the said security breach. An outrageous ransomware attack had taken place in the month of May 2017 which is said to be one of the biggest in the history of data breaches since the attack took under its umbrella not one company or country but as many as a hundred countries of which Russia, India, China, Taiwan and Ukraine being the highest sufferers (Goswami, 2017). They used the tool which is used by the US National Security Agency to enter the system of the terrorists thereby putting a great impact on the NHS in a negative way (Graham, 2017). Further to this, one of the most renowned transport service provider, FedEx was also impacted. The attack had destroyed various laptops and computers across the globe, and the number has been counted at 300,000 till date. The virus which has been used to infect the various systems across the globe is named as WannaCry. The major point of problem in this particular attack was that the attack was not conducted in any special manner, rather the attackers used one of the most common methods of attacks i..e phishing whereby they sent unwanted spam mails containing malicious attachments and once the same is opened or downloaded, the hackers get an access to the system of the person. Further the complexity of the scam was the involvement of not one company or country but it being wide-spread. The ransomware was called as WannaCry, WannaCrypt0 or 2.0 or WCry. Phishing is a cybercrime wherein the target or the people who are to be victimized are sent emails which are junk and spam in nature, thereby attracting the receivers of the mail to open the same and this would then give access to the hacker of the mail account and in some cases the system as well. This way the hackers can gain access to the sensitive data stored and thereby use the same for satisfaction of malicious intentions (Hern Gibbs, 2017). Apart from the technique of phishing, the second critical problem was that once the system has been attacked and hacked, the hackers demand for a payment against which they would again provide access to the user. However, unfortunately there lies no surety about the access. The attack had spread very fast across companies and across borders as well, leading it to become one of the leading and most horrifying cyber attacks in the history of security breaches. Due to the pace at which the same had spread, the people took a lot of time to gai n control over the same. The panic attack was too high to be handled in a single day simply due to the reason that it had spread across continents as well. The attack started from USA and spread till the continent of Asia (Kharpal, 2017). The biggest sufferer due to the said attack was Britains NHS. Hospitals and GP surgeries in England and Scotland were also under the victim list amongst the 16 health entities that were the victim. The result was such that people were asked to shift the way of working from technology to traditional i.e. manual. They were also asked to maximize the usage of their mobile phones because the ransomware attack had corrupted many systems and that too the mother systems and also the landlines as well. To everybodys surprise, the patients who were suffering, were asked to return back and the state was so miserable that those who needed surgeries had to also go back because of the said attack. The situation was so sad that health acre industry being one of the most crucial ones, there the patients were asked to visit the hospitals and medical centers only in dire necessity. As per the present day data, Russias Interior Minister was one of the victim, followed by Taiwan, Ukraine and India. FedEx Corp. is also one of the biggest sufferers. Apart from these, the telecommunication segment was also not left untouched. Telefonica in Spain and Portugal Telecom are two of the companies belonging to this sector who were also victims of the said ransomware harassment (BBC News. 2017). How was the Attack Carried Out No special methodologies were used for the attack to be carried out. One of the most commonly used ways of phishing was the type of attack. Cyber Gang by the name of Shadow Brokers are the ones who are supposedly the ones behind the hack. As per the details given by the gang, they confessed that the cyber weapon was stolen by none other than but them from the National Security Agency (NSA) USA. The weapon is named as Eternal Blue which basically enables the NSA to get access to the systems of terrorists via the MS office software which is the most common and basically found in all systems in todays date. But it is concluded by many that the gang had installed the said malicious software on an unintelligible website and it was further stolen away by someone else who basically had infected the systems across countries (McGoogan et.al. 2017). Whatsoever, the attack could have been prevented had the Windows been updated on a regular basis and the anti-virus being run frequently. The limitations of the government and the vulnerable systems of them are one of the basic reasons behind the scam. They lack the vigilance in protecting crucial information and such significant weapons as well. The user also should be trained such that they do not get lured by such spam mails and open them up. Had the said spam mails not opened the said attack would not have happened (Newman, 2017). However, lastly it is understood that a thorough training along with a stringent protection policy is a must for safeguarding against theft of such weapons which if stolen are a danger to the nations security worldwide. References: Daily Breeze. (2017). Patient records stolen in computer breach at Torrance Memorial Medical Center. Retrieved from https://www.dailybreeze.com/technology/20170619/patient-records-stolen-in-computer-breach-at-torrance-memorial-medical-center Davis,J. (2017). Phishing attack on Torrance Memorial puts patient records at risk. Retrieved from https://www.healthcareitnews.com/news/phishing-attack-torrance-memorial-puts-patient-records-risk DistilNFO HitTrust Advisory. (2017). Torrance Memorial Phishing Attack Exposed Many Patients Records. Retrieved from https://www.distilnfo.com/hitrust/2017/07/07/torrance-memorial-phishing-attack/ Massive Media. (2017). Torrance Memorial Medical Center Hit By Phishing Attack. Retrieved from https://www.massivealliance.com/2017/06/21/torrance-memorial-medical-center-hit-by-phishing-attack/ NewsBreak Live. (2017). Torrance Memorial Medical Center Breach. Retrieved from https://torranceca.wordpress.com/2017/06/20/torrance-memorial-medical-center-breach/ Socal,P. (2017). Patients Info Compromised In Torrance Memorial Data Breach. Retrieved from https://news.fraud.net/patients-info-compromised-in-torrance-memorial-data-breach/ BBC News. (2017). Massive ransomware infection hits computers in 99 countries. Retrieved from https://www.bbc.com/news/technology-39901382 Graham,C. (2017). NHS cyber attack: Everything you need to know about biggest ransomware offensive in history. Retrieved from https://www.telegraph.co.uk/news/2017/05/13/nhs-cyber-attack-everything-need-know-biggest-ransomware-offensive/ Goswami,D. (2017). Wanna Cry ransomware cyber attack: 104 countries hit, India among the worst affected, US NSA attracts criticism. Retrieved from https://indiatoday.intoday.in/story/wanna-cry-ransomware-attack-104-countries-hit-nsa-criticised/1/953338.html Hern,A. Gibbs, S. (2017). What is WannaCry ransomware and why is it attacking global computers. Retrieved from https://www.theguardian.com/technology/2017/may/12/nhs-ransomware-cyber-attack-what-is-wanacrypt0r-20 Kharpal,A. (2017). How to tell if youre at risk from the WannaCry ransomware and what to do if you have been attacked. Retrieved from https://www.cnbc.com/2017/05/15/ransomware-wanncry-virus-what-to-do-to-protect.html McGoogan,C., Titcomb, J. Krol,C. (2017). What is WannaCry and how does ransomware work. Retrieved from https://www.telegraph.co.uk/technology/0/ransomware-does-work/ Newman,L.H. (2017). The ransomware meltdown experts warned about is here. Retrieved from https://www.wired.com/2017/05/ransomware-