The week in security: To pay or not to pay? Ransomware puts hospitals on life support


A high-profile ransomware strike affected surgeries and other operations across Victoria’s hospital systems.

Ransomware remains such a problem that the US FBI has offered advice on whether businesses should give in and pay a ransom or not – and healthcare organisations should pay particular heed, since figures suggest they have accounted for 79 percent of ransomware strikes this year.

Closer analysis of the major Marriott data breach gave a better view of what had happened to threaten hundreds of millions of records in the hotel giant’s reservation system.

With everyday operations getting more dangerous by the day, the University of Canberra knew that it had to be careful with backup and other data management services as it pushed ahead with a “radical” cloud migration.

Such cloud moves promise major business benefits, but cybercriminals are paying attention too – and, some warn, Microsoft Office 365 in particular is leaving organisations exposed.

Also leaving organisations exposed was a new zero-day Android exploit, which was already being exploited by hackers to compromise Pixel and Galaxy phones.

Meanwhile, security researchers warned about Chinese cyber-espionage group PKPLUG, which has been using both custom-built and off-the-shelf hacking tools.

The Cobalt (aka Carbanak) cybercrime group may be launching Magecart skimming attacks, researchers warned.

Also issuing warnings was the UK government, which pushed security teams to check and secure their Palo Alto, Fortinet and Pulse Secure VPNs urgently.

The US Justice Department was entreating tech companies to provide police with ‘lawful access’ to encrypted communications – echoing a debate that has already mushroomed in the Australian climate.

CSO’s Security Leaders series talked with Mimecast’s Nick Lennon – who warns about the Big One we haven’t even seen yet – and F5’s Michael Christie, who sees DevSecOps as crucial to building long-overdue business-technology links.

Meanwhile, NBN has been building out its range of business-focused services, helping businesses pivot towards next-generation services.

Microsoft released a virtual desktop tool that allows companies to virtualise Windows 7, 10, and Office 365 Pro Plus apps, and allowed SMBs to pay for extended Windows 7 patches.
