Sign up for our Technology Newsletter 
Hospitals Should Brace For Surge In Ransomware Attacks
Comments Off on Hospitals Should Brace For Surge In Ransomware Attacks
U.S. hospitals should brace for a surge in “ransomware” attacks by cyber criminals who take computer networks hostage, then demand payment in return for unlocking them, a non-profit healthcare group warned on Friday.
The Health Information Trust Alliance conducted a study of some 30 mid-sized U.S. hospitals late last year and found that 52 percent of them were infected with malicious software, HITRUST Chief Executive Daniel Nutkis told Reuters.
The most common type of malware was ransomware, Nutkis said, which was present in 35 percent of the hospitals included in the study of network traffic conducted by security software maker Trend Micro Inc.
Ransomware is malicious software that locks up data in computers and leaves messages demanding payment to recover the data. Last month, Hollywood Presbyterian Hospital in Los Angeles paid a ransom of $17,000 to regain access to its systems.
This week, an attack on MedStar Health forced the largest healthcare provider in Washington, D.C., to shut down much of its computer network. The Baltimore Sun reported a ransom of $18,500 was sought. MedStar declined to comment.
HITRUST said it expects such attacks to become more frequent because ransomware has turned into a profitable business for cyber criminals.
The results of the study, which HITRUST has yet to share with the public, demonstrate that hackers have moved away from focusing on stealing patient data, Nutkis said.
“If stuff isn’t working, they move on. If stuff is working, they keep doing it,” said Nutkis. “Organizations that are paying have considered their options, and unfortunately they don’t have a lot of options.”
Extortion has become more popular with cyber criminals because it is seen as a way to generate fast money, said Larry Whiteside, a healthcare expert with cyber security firm Optiv.
Stealing healthcare data is far more labor intensive, requiring attackers to keep their presence in a victim’s network undetected for months as they steal data, then they need to find buyers, he added.
“With ransomware I’m going to get paid immediately,” Whiteside said.
Courtesy- http://www.thegurureview.net/aroundnet-category/hospitals-should-brace-for-surge-in-ransomware-attacks.html
Maryland Bill To Ban Employers From Facebook Snooping
Comments Off on Maryland Bill To Ban Employers From Facebook Snooping
The practice of employers requesting job applicants to provide their account login information for Facebook and other social media sites will soon be a think of the past, as Maryland is poised to be among the first states to ban the practice. The state’s General Assembly has passed the bill, which now awaits the signature of Gov. Martin O’Malley, reports The Baltimore Sun.
O’Malley is expected to sign the bill into law, reports The Gazette.
Melissa Goemann, who directs the American Civil Liberties Union’s legislative efforts in Maryland, tells the Sun, “this is a really positive development, because the technology for social media is expanding every year, and we think this sets a really good precedent for limiting how much your privacy can be exposed when you use these mediums.”
Goemann says the ACLU took up the case of Maryland Corrections Officer Robert Collins, who had been asked to give his Facebook login and password to Corrections officials during a recertification interview.
As news spread of similar cases, legislators at the state and federal level vowed to take action and ban the practice, on the grounds that it is an unreasonable invasion of a job-seeker’s privacy. Sens. Chuck Schumer and Richard Blumenthal say they asked the U.S. Justice Department to investigate whether the practice is illegal.