Hackers are increasingly relying on patients’ emotional distress at having their intimate and sensitive details shared to manipulate them into giving in to their demands, writes Martin Walshaw, senior engineer at F5 networks.
The recent cyberattack on a Lithuanian cosmetic surgery clinic is evidence of a new trend in cybercrime – one in which hackers threaten to expose their victims’ most intimate and sensitive information.
With the recent WannaCry hacks still fresh in the minds of organisations and consumers across the globe, this development is sure to cause concern. The hackers in this instance appear to have published private photos and personal information – an upsetting violation of the privacy of the patients involved.
And given that health tourism is on the rise, the number of potential victims for hackers to call on is growing.
There are an increasing number of gateways that cyber-criminals target to infiltrate organisations, and traditional malware methods such as phishing are still commonly used in ransomware attacks. User training and education goes a long way, but it should not be the primary method of preventing these attacks.
Organisations need systems in place to filter and monitor email for phishing attacks, as well as reduce and restrict full administrative privileges to contain damage from a compromised account.
t is also essential to perform and test backups regularly, although they should avoid having backups on the network – should a hacker gain entry, they can find and encrypt it just as easily as other data.
With the Protection of Personal Information Act holding companies to strict accountability when it comes to their clients’ personal information, organisations to need to pay special attention to this sensitive type of data. In cases such as these, it’s definitely better to be proactive than to be caught on the wrong side of a such a distressing situation.