SlideShare a Scribd company logo

ransome_case solved.pptx

Download as PPTX, PDF
R
radhika457461

The document summarizes a ransomware attack on a medical practice. Key details include: - The attack encrypted files and demanded ransom payment in bitcoin to unlock them. - It crippled the practice's technology for over a week and forced them to use paper records. - Lessons highlighted the need for incident response plans, backup protocols, and software updates to prevent or recover from such attacks. Recommendations emphasized educating staff, access controls, backups, and antivirus to protect against ransomware.

Education
1 of 30
RANSOMWARE ATTACK ON A MEDICAL PRACTICE A NETWORK SECURITY CASE STUDY FOR MBA-I Subject :ITM Curriculum Topic: Overview of Security Issues in Information Technology
Cyber attacks statistics
Out of Many Future challenges in computer science biggest is Network security The exabyte is a multiple of the unit byte for digital information. In the International System of Units (SI), the prefix exa indicates multiplication by the sixth power of 1000 (1018). Therefore, one exabyte is one quintillion bytes (short scale). The symbol for the exabyte is EB.
Case Study • To help you gain an understanding of what a medical practice experiences during and after a ransom ware attack, here is the story of one such attack. • Link: C:UsersomDesktopransome
Message could be like: Bitcoin is a digital currency (also called crypto-currency) that is not backed by any country's central bank or government. Bitcoins can be traded for goods or services with vendors who accept Bitcoins as payment
Which type of Attack was it?? The attack used what's known as "ransom-ware" -- malicious software that encrypts files which can only be unlocked with a software "key" after a ransom is paid.
The whole scenario could be imagined as:
Findings:
Background • This medical practice was hit by Malware, a type of ransomware virus. • It rendered the practice inoperable for several days, and crippled its technology for more than a week. • The attack made its way onto one of the practice's computers via an email attachment, which had the appearance of a vendor invoice.
Information Risk and security aspects
Potential Impacts on the Hospital and its patients
Organizational Impacts Patients Impacts • key systems got affected, including telephones • The medical center staff had resorted to pen and paper and even fax machines, use their own mobiles for communications • Patients could not communicate easily • wealth of sensitive data from patients was difficult to recover • The entire process took several days as the backup data was stored offsite, which required transportation of the data. • The data needed to be cleaned with antivirus software; and then settings and policies needed to be recreated. • hackers encrypted the hospital's data • patient and outpatient records, insurance documents, internal communications and a host of other files being handled by multiple vendors….failed? • People with serious health problems could be denied care. • worst-case scenario involved, hackers taking over smart devices that monitor vital signs and deliver drugs.
Ransom ware is just one kind of malware malware is just one form of information risk information risk is just one form of many risks of concern to the organization Findings: The problem found is a big chain
Findings: • Hospitals and doctors' surgeries were forced to turn away patients and cancel appointments after they were infected with the ransomware, which scrambled data on computers and demanded payments of $300 to $600 to restore access • People in affected areas were being advised to seek medical care only in emergencies. • If they decided to pay the ransom, it probably means that they didn't have very good backups, they weren't able to recover the data, and that the data would have been lost if they didn't pay the ransom
Findings: Agencies into investigations were: The Federal Bureau of Investigation, formerly the Bureau of Investigation, is the domestic intelligence and security service of the United States, The National Security Agency is a national- level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence
Lessons Learned • Preventive controls can not be completely relied upon • Adequate incident management and business continuity arrangements (including resilience ,recovery and contingency elements) are clearly essential to cope with serious incidents of any kind • We should review our business continuity arrangements(e.g offline backups),test/exercise and improve them to increase assurance that they will work properly when called upon
Why MALWARE GETS IN? It is obvious that users do not want to download viruses to their computers. Some of these factors include the following. Lack of knowledge Overlook the danger surrounding visiting certain sites  Inappropriate anti-virus installations
Outdated necessary software (like Java, Acrobat, Browsers, and others) Sticking with old computers Desperate attempts to solve computer problems Glassberg (2016) suggested that users could download and install malware on their computer from the following sources: - Drive by download Clicking on a wrong advertisement pop-up link  - Phishing attacks through email attachments
Recommendations: Here are valuable tips to follow that will help protect your practice from ransomware or at least put in a position to respond more effectively if you suffer an attack
How to Fight Back
• Healthcare organizations of all sizes need to ensure they are regularly updating their technological, administrative and physical safeguards as cyber security threats continue to evolve. • This is particularly true when it comes to ransomware, as this type of cyberattack has the potential to paralyze a medical practice, or, at the very least, severely disrupt its daily operations and patient care. .
Protect your Business: Tips to prevent being a Victim of Malware/Ransomware: • Educate your employees • Manage the use of privileged accounts. • Employ a data backup and recovery plan • Configure access controls • Use virtualized environments • Make sure all business devices are up to date. • Always use antivirus software and a firewall.
• Enable popup blockers. • Always back up the files on your computer and mobile devices and keep the backups offline. • Keep your computers and mobile devices up to date. • Maintain a nightly or hourly backup of your files – there are many online services that are available. • Keep antivirus and all other software up to date, including Windows Updates. Don’t click on and open things that are unfamiliar and always read the fine print before downloading things.
• Don’t click OK on a popup!! That means you are accepting whatever they are sending to your computer – close the popup by clicking the “X” in the upper-right hand corner of the popup. • Ensure you don’t have full administrative privileges to your computer, this could cause something to install on your computer without prompt.
By paying criminals, you're giving them an incentive and the means to develop better ransomware. "If you pay, you make it that much worse for everyone else," says Casesa. "The bad guys use your money to develop nastier malware and infect others.“ conclusion

Recommended

Chapter 13
Chapter 13Chapter 13
Chapter 13bodo-con
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power pointbodo-con
 
Cyber Security and Healthcare
Cyber Security and HealthcareCyber Security and Healthcare
Cyber Security and HealthcareJonathon Coulter
 
Topic #17 IT Security ITSecurityIncidentsA.docx
Topic #17 IT Security ITSecurityIncidentsA.docxTopic #17 IT Security ITSecurityIncidentsA.docx
Topic #17 IT Security ITSecurityIncidentsA.docxjuliennehar
 
FBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareFBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareDavid Sweigert
 
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataLaw Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataAccellis Technology Group
 
HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...
HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...
HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...Matthew J McMahon
 
Cyber physical system for healthcare
Cyber physical system for healthcareCyber physical system for healthcare
Cyber physical system for healthcareJUGAL GANDHI
 

Recommended

Chapter 13
Chapter 13Chapter 13
Chapter 13bodo-con
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power pointbodo-con
 
Cyber Security and Healthcare
Cyber Security and HealthcareCyber Security and Healthcare
Cyber Security and HealthcareJonathon Coulter
 
Topic #17 IT Security ITSecurityIncidentsA.docx
Topic #17 IT Security ITSecurityIncidentsA.docxTopic #17 IT Security ITSecurityIncidentsA.docx
Topic #17 IT Security ITSecurityIncidentsA.docxjuliennehar
 
FBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareFBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareDavid Sweigert
 
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataLaw Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataAccellis Technology Group
 
HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...
HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...
HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...Matthew J McMahon
 
Cyber physical system for healthcare
Cyber physical system for healthcareCyber physical system for healthcare
Cyber physical system for healthcareJUGAL GANDHI
 
Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesisidro luna beltran
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security BasicsMohan Jadhav
 
Ransomware and tips to prevent ransomware attacks
Ransomware and tips to prevent ransomware attacksRansomware and tips to prevent ransomware attacks
Ransomware and tips to prevent ransomware attacksdinCloud Inc.
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptxjondon17
 
In computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdfIn computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdfanandanand521251
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptxSonakshiMundra
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalAtlantic Training, LLC.
 
LESSON_3_Maintain_Computer_Equipment_and_Systems.pptx
LESSON_3_Maintain_Computer_Equipment_and_Systems.pptxLESSON_3_Maintain_Computer_Equipment_and_Systems.pptx
LESSON_3_Maintain_Computer_Equipment_and_Systems.pptxmahaliacaraan
 
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxSecurity and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxedgar6wallace88877
 
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxSecurity and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxfathwaitewalter
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSPreetiDevidas
 
Presentation 10 (1).pdf
Presentation 10 (1).pdfPresentation 10 (1).pdf
Presentation 10 (1).pdfKARANSINGHD
 
ITPG Secure on WannaCry
ITPG Secure on WannaCryITPG Secure on WannaCry
ITPG Secure on WannaCryITPG Secure Compliance and Certification Training
 
Mis
MisMis
Mismisecho
 
Chapter 10, part 1
Chapter 10, part 1Chapter 10, part 1
Chapter 10, part 1misecho
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxANIKETKUMARSHARMA3
 
Cyber hygiene Training slide. It focuses on what you need to know to be safe ...
Cyber hygiene Training slide. It focuses on what you need to know to be safe ...Cyber hygiene Training slide. It focuses on what you need to know to be safe ...
Cyber hygiene Training slide. It focuses on what you need to know to be safe ...AwodiranOlumide
 
File000119
File000119File000119
File000119Desmond Devendran
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxMBRoman1
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptxJoselitoJMebolos
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfakmcokerachita
 

More Related Content

Similar to ransome_case solved.pptx

Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesisidro luna beltran
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security BasicsMohan Jadhav
 
Ransomware and tips to prevent ransomware attacks
Ransomware and tips to prevent ransomware attacksRansomware and tips to prevent ransomware attacks
Ransomware and tips to prevent ransomware attacksdinCloud Inc.
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptxjondon17
 
In computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdfIn computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdfanandanand521251
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalAtlantic Training, LLC.
 
LESSON_3_Maintain_Computer_Equipment_and_Systems.pptx
LESSON_3_Maintain_Computer_Equipment_and_Systems.pptxLESSON_3_Maintain_Computer_Equipment_and_Systems.pptx
LESSON_3_Maintain_Computer_Equipment_and_Systems.pptxmahaliacaraan
 
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxSecurity and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxedgar6wallace88877
 
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxSecurity and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxfathwaitewalter
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSPreetiDevidas
 
Presentation 10 (1).pdf
Presentation 10 (1).pdfPresentation 10 (1).pdf
Presentation 10 (1).pdfKARANSINGHD
 
Chapter 10, part 1
Chapter 10, part 1Chapter 10, part 1
Chapter 10, part 1misecho
 
Cyber hygiene Training slide. It focuses on what you need to know to be safe ...
Cyber hygiene Training slide. It focuses on what you need to know to be safe ...Cyber hygiene Training slide. It focuses on what you need to know to be safe ...
Cyber hygiene Training slide. It focuses on what you need to know to be safe ...AwodiranOlumide
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxMBRoman1
 

Similar to ransome_case solved.pptx (20)

Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- ingles
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security Basics
 
Ransomware and tips to prevent ransomware attacks
Ransomware and tips to prevent ransomware attacksRansomware and tips to prevent ransomware attacks
Ransomware and tips to prevent ransomware attacks
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptx
 
In computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdfIn computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdf
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
 
LESSON_3_Maintain_Computer_Equipment_and_Systems.pptx
LESSON_3_Maintain_Computer_Equipment_and_Systems.pptxLESSON_3_Maintain_Computer_Equipment_and_Systems.pptx
LESSON_3_Maintain_Computer_Equipment_and_Systems.pptx
 
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxSecurity and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docx
 
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxSecurity and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docx
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
 
Presentation 10 (1).pdf
Presentation 10 (1).pdfPresentation 10 (1).pdf
Presentation 10 (1).pdf
 
ITPG Secure on WannaCry
ITPG Secure on WannaCryITPG Secure on WannaCry
ITPG Secure on WannaCry
 
Mis
MisMis
Mis
 
Chapter 10, part 1
Chapter 10, part 1Chapter 10, part 1
Chapter 10, part 1
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Cyber hygiene Training slide. It focuses on what you need to know to be safe ...
Cyber hygiene Training slide. It focuses on what you need to know to be safe ...Cyber hygiene Training slide. It focuses on what you need to know to be safe ...
Cyber hygiene Training slide. It focuses on what you need to know to be safe ...
 
File000119
File000119File000119
File000119
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptx
 

Recently uploaded

Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfakmcokerachita
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxAvyJaneVismanos
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfadityarao40181
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 

Recently uploaded (20)

Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdf
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptx
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdf
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 

ransome_case solved.pptx

  • 1. RANSOMWARE ATTACK ON A MEDICAL PRACTICE A NETWORK SECURITY CASE STUDY FOR MBA-I Subject :ITM Curriculum Topic: Overview of Security Issues in Information Technology
  • 3.
  • 4.
  • 5. Out of Many Future challenges in computer science biggest is Network security The exabyte is a multiple of the unit byte for digital information. In the International System of Units (SI), the prefix exa indicates multiplication by the sixth power of 1000 (1018). Therefore, one exabyte is one quintillion bytes (short scale). The symbol for the exabyte is EB.
  • 6. Case Study • To help you gain an understanding of what a medical practice experiences during and after a ransom ware attack, here is the story of one such attack. • Link: C:UsersomDesktopransome
  • 7. Message could be like: Bitcoin is a digital currency (also called crypto-currency) that is not backed by any country's central bank or government. Bitcoins can be traded for goods or services with vendors who accept Bitcoins as payment
  • 8. Which type of Attack was it?? The attack used what's known as "ransom-ware" -- malicious software that encrypts files which can only be unlocked with a software "key" after a ransom is paid.
  • 9.
  • 10. The whole scenario could be imagined as:
  • 12. Background • This medical practice was hit by Malware, a type of ransomware virus. • It rendered the practice inoperable for several days, and crippled its technology for more than a week. • The attack made its way onto one of the practice's computers via an email attachment, which had the appearance of a vendor invoice.
  • 13. Information Risk and security aspects
  • 14. Potential Impacts on the Hospital and its patients
  • 15. Organizational Impacts Patients Impacts • key systems got affected, including telephones • The medical center staff had resorted to pen and paper and even fax machines, use their own mobiles for communications • Patients could not communicate easily • wealth of sensitive data from patients was difficult to recover • The entire process took several days as the backup data was stored offsite, which required transportation of the data. • The data needed to be cleaned with antivirus software; and then settings and policies needed to be recreated. • hackers encrypted the hospital's data • patient and outpatient records, insurance documents, internal communications and a host of other files being handled by multiple vendors….failed? • People with serious health problems could be denied care. • worst-case scenario involved, hackers taking over smart devices that monitor vital signs and deliver drugs.
  • 16. Ransom ware is just one kind of malware malware is just one form of information risk information risk is just one form of many risks of concern to the organization Findings: The problem found is a big chain
  • 17. Findings: • Hospitals and doctors' surgeries were forced to turn away patients and cancel appointments after they were infected with the ransomware, which scrambled data on computers and demanded payments of $300 to $600 to restore access • People in affected areas were being advised to seek medical care only in emergencies. • If they decided to pay the ransom, it probably means that they didn't have very good backups, they weren't able to recover the data, and that the data would have been lost if they didn't pay the ransom
  • 18. Findings: Agencies into investigations were: The Federal Bureau of Investigation, formerly the Bureau of Investigation, is the domestic intelligence and security service of the United States, The National Security Agency is a national- level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence
  • 19.
  • 20. Lessons Learned • Preventive controls can not be completely relied upon • Adequate incident management and business continuity arrangements (including resilience ,recovery and contingency elements) are clearly essential to cope with serious incidents of any kind • We should review our business continuity arrangements(e.g offline backups),test/exercise and improve them to increase assurance that they will work properly when called upon
  • 21. Why MALWARE GETS IN? It is obvious that users do not want to download viruses to their computers. Some of these factors include the following. Lack of knowledge Overlook the danger surrounding visiting certain sites  Inappropriate anti-virus installations
  • 22. Outdated necessary software (like Java, Acrobat, Browsers, and others) Sticking with old computers Desperate attempts to solve computer problems Glassberg (2016) suggested that users could download and install malware on their computer from the following sources: - Drive by download Clicking on a wrong advertisement pop-up link  - Phishing attacks through email attachments
  • 23. Recommendations: Here are valuable tips to follow that will help protect your practice from ransomware or at least put in a position to respond more effectively if you suffer an attack
  • 24. How to Fight Back
  • 25.
  • 26. • Healthcare organizations of all sizes need to ensure they are regularly updating their technological, administrative and physical safeguards as cyber security threats continue to evolve. • This is particularly true when it comes to ransomware, as this type of cyberattack has the potential to paralyze a medical practice, or, at the very least, severely disrupt its daily operations and patient care. .
  • 27. Protect your Business: Tips to prevent being a Victim of Malware/Ransomware: • Educate your employees • Manage the use of privileged accounts. • Employ a data backup and recovery plan • Configure access controls • Use virtualized environments • Make sure all business devices are up to date. • Always use antivirus software and a firewall.
  • 28. • Enable popup blockers. • Always back up the files on your computer and mobile devices and keep the backups offline. • Keep your computers and mobile devices up to date. • Maintain a nightly or hourly backup of your files – there are many online services that are available. • Keep antivirus and all other software up to date, including Windows Updates. Don’t click on and open things that are unfamiliar and always read the fine print before downloading things.
  • 29. • Don’t click OK on a popup!! That means you are accepting whatever they are sending to your computer – close the popup by clicking the “X” in the upper-right hand corner of the popup. • Ensure you don’t have full administrative privileges to your computer, this could cause something to install on your computer without prompt.
  • 30. By paying criminals, you're giving them an incentive and the means to develop better ransomware. "If you pay, you make it that much worse for everyone else," says Casesa. "The bad guys use your money to develop nastier malware and infect others.“ conclusion