Tag Archives: ransomeware

HHS Publishes Cybersecurity Best Practice Guide

The U.S. Department of Health and Human Services (HHS) recently published voluntary cybersecurity best practices entitled “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients” (Best Practice Guide). These best practices were compiled over a two-year period by 150 cybersecurity and healthcare experts from both the public and private sector and are a cybersecurity roadmap for healthcare organizations of all types and sizes, from small local clinics to large regional hospital systems.

All entities, especially those in the healthcare field, can learn from this valuable resource.

The Four-Part Best Practice Guide

The Best Practice Guide is four sections: a main document (entitled Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients); two technical volumes; and resources and templates. The Best Practice Guide’s goal is to increase awareness, provide sound practices, and consistently mitigate today’s most damaging cybersecurity threats in the healthcare industry. Continue reading HHS Publishes Cybersecurity Best Practice Guide

TeslaCrypt Ransomware Decryption Key Released

It’s not often criminals get a conscience and turn themselves in to the cops. But in a shocking turn of events, the group supposedly behind the ransomware TeslaCrypt has done just that. Well, they didn’t exactly turn themselves in. But they did release the master decryption key to unlock files encrypted by the TeslaCrypt ransomware.

An analyst from ESET contacted the group through the support channel offered on the ransomware alert screen. When they requested the master decryption key, interestingly enough, it was made public.

Apparently, the ransomware operators have closed down for the time being. They posted the following message, “Project closed. Master key for decrypt … wait for other people to make universal decrypt software. We are sorry!”

ESET has taken it upon themselves to develop the free decrypting tool that unlocks files affected by the TeslaCrypt ransomware. For guidance on using the decrypting tool, visit ESET’s support page.

Scam Email Brings Down Australia National Broadcaster

As reported by CNET, a scam email was enough to bring down Australia’s national broadcaster, ABC News 24.  The Australian Broadcasting Corporation’s (ABC) 24-hour news programming was disrupted after the organization became the victim of a ransom-ware attack. The malware took hold after an employee clicked on a link provided in a phishing email that appeared to be from Australia Post, claiming to contain information about a package that could not be delivered.

Best Practices, in the form of words of wisdom from SANS Newsbites editors commenting on the incident:

  • “‘…an employee clicked on a link provided in a phishing email…’ must not be sufficient to compromise mission critical systems. Think restrictive access controls, multi-party controls, layering, and end-to-end encryption.”
  • “A prime example of why you should not have critical networks interfacing or connected in any way with non-critical networks, especially those connected to the Internet.”