Ransomware and data encryption, find out how it poses a threat to organizations and how you can be safe!
For many authors, the greatest asset of a company is the information, they represent an important value like other assets, and likewise its loss represents consequences for the same one.These assets vary from credentials, product licenses, personal employee data, and customer data. Healthcare companies have been a target for ransomware attacks for some time now. Currently these attacks have been on the rise due to the COVID-19 pandemic.
One of the latest attacks was on the R1 medical debt collection company earlier this month. The attack was highlighted after the company published its financial results for this second quarter of the year. This company made no further statements about its attack, however, there is speculation that it may have been malware known as Defray, which emerged in 2017 and is aimed at healthcare companies.
For the purposes of this article, I believe it is important to know the term ransomware, which is a type of specialized malware that encrypts computer data files and requests a “ransom” payment to decrypt the previously modified data and make it readable again.
Once ransomware penetrates a system, it starts changing the files or vital system structures so that they can only be used again after being restored to their original state. This requires a key that only criminals know about, in order to perpetuate the attack.
It is also possible to get an insight into data encryption. In general terms, this means modifying data by using keys to make it unreadable for those who do not have the key, and then using the decryption process to return the data to its original state. This technique protects the sensitive information of an organization, since if the data that is encrypted is intercepted it will be practically unreadable.
As we can see, data encryption has two extremes as far as its use is concerned, it is a tool that can be used in favor of companies in the aforementioned way, as well as in a completely counterproductive way, such as through attacks by cyber-crooks.
Looking back, one of the first encryption techniques was “cease-and-desist”, which consisted of replacing each letter of a file with any other letter of the alphabet. However, due to its low complexity, over time ways were developed to counteract this technique.
But up to this point, after we have seen the extremes of this technique, should we still consider encrypting our companies’ data? The answer is yes.
Encrypting data means that every time we want to access information, we have to carry out a decryption process, which adds a higher level of security, even if it slows down the process. But it is important to put into perspective what is at stake: in September 2011, a Dutch company called Diginotar, had to declare bankruptcy after suffering an attack where it lost information, so it is important to take into account the number of companies that have suffered a significant loss due to the loss of information through these attacks.
The corporate guide of data encryption given by ESET reflected some benefits that companies can obtain when implementing a data encryption system:
- Protecting an organization’s sensitive information: If this sensitive information of a company were to be hijacked, it could generate great economic damages, loss of competitiveness, or even mean the closure of the company. Therefore, encryption helps to protect important information.
- Protect business communications: the process of data encryption is associated with data transmission, since these messages that companies send usually travel through external channels, such as the Internet, and are therefore exposed to hijacking. Likewise, resources such as encryption in messages sent by email represent a good option for safeguarding an organization’s communications.
- Protecting the image and reputation of an organization: there are types of information that are extremely important because they are related to customers, so confidentiality is very important, especially in these data, so that the theft of these can significantly affect the reputation and credibility of this, in addition to having unrecoverable losses.
- Protect mobile and wireless devices: any device that can leave the company such as cell phones, tablets, laptops, etc. They can be lost or stolen, so when facing these situations it is important to ensure that no third party can access this information. Therefore, data encryption can also be implemented on these devices to secure any important information found on these devices.
Other considerations that must be taken into account when encrypting data are the keys, as these represent the only way to decrypt the information that will later be used. Therefore, it is important to choose a secure key.
The keys indicated for this purpose are those that are long, have random content, upper and lower case, special characters, among others; although they are more difficult to remember than the typical “1234” keys, these can ensure the least accessibility by unauthorized third parties.
One incident caused by the fragility of a password could be the case of Burger King in 2013, which suffered an attack in which criminals took control of its official Twitter account and changed the appearance of its account and replaced it with images of its competitor.
Now, what type of information should we encrypt? Well, mainly information that is destined to be sent to channels outside the company, so message encryption guarantees that only the receiver who holds the key can access the information.
Then we have the information of vital importance for the company, because although it is not destined to be sent to third parties, it also runs the risk of being accessed by third parties, an example could be information that is on laptops that suffer theft and being unprotected this information could be easily extracted by unauthorized persons.
Finally, it is worth adding the case of smart phones and tablets. Since these types of devices are increasingly used in the corporate environment, both for sending information and for storing this data, it is necessary to consider encrypting data in a selective manner.