Posted on Monday, January 15, 2018 in CybersecurityBlog written by Rob Swenson
You know that ransomware is a big deal when it becomes the storyline in a popular TV show.
A ransomware attack drove the plot of the Nov. 16 episode of “Grey’s Anatomy,” a fictional medical drama set in the busy and supposedly high-tech Grey-Sloan Memorial Hospital in Seattle. Fans of the soapy but venerable ABC show will find out Jan. 18 how the situation plays out.
The sudden ransomware attack depicted in the November cliffhanger rendered computerized medical equipment useless, seriously endangered patients and distressed medical professionals at Grey-Sloan. As the episode ended, a hospital leader wanted to pay the demanded cyber currency equivalent of $20 million to restore the hospital’s network.
Meanwhile, a team of FBI agents who inexplicably showed up within minutes of the attack scrambled to try to solve the crime. They didn’t want the hospital to pay.
Ransomware is malware that maliciously gets downloaded into a company’s network – typically by deceptive means. Ransomware encrypts files and makes computerized information unreadable or inaccessible. Then, typically, the anonymous hackers demand payment in an online currency such as Bitcoin to release the files. (At least they say they will release the information, if paid. There are no guarantees when dealing with criminals.)
The “Grey’s Anatomy” depiction of a malware attack began when equipment linked to the hospital’s network began to fail during a busy time. Then an ominous message appeared on monitors:
“Hello Grey Sloan Memorial. Currently we control your hospital. We own your servers. We own your systems. We own your patients’ medical records.”
The hackers demand 4,932 Bitcoin and threaten to destroy medical records if the ransom is not paid.
The show exercises dramatic freedom, especially with timelines and the rapid response of law enforcement officers to an attack on a medical. However, the consequences of a ransomware attack were shown in believable fashion.
“I thought that the effects of ransomware that they showed were actually pretty plausible. It was a possible outcome of a ransomware attack,” said Chris Aeilts, a sales engineer at SDN Communications.
Aeilts was among a room full of SDN employees who recently watched a replay of the ransomware episode during lunch and discussed the topic. Companies such as SDN are on the front line of helping businesses protect themselves from cyberattacks, including ransomware. Ransomware has become a common risk for medical service businesses.
The ransomware attack as depicted on “Grey’s Anatomy” struck Aeilts as the possible outcome at a hospital without good cybersecurity measures in place. “The chances of having an attack affect that many systems all at once are fairly slim,” he said.
There are two important, initial steps that healthcare facilities and other businesses can and should take to reduce the prospective damage of such an attack, Aeilts said. They are:
- Train employees well and on an ongoing basis. The factor common to most real-life ransomware attacks and other cyber breaches is human failure of some kind. An employee might be tricked into clicking an infected link, for example, or talked into giving out a password or other sensitive information.
- Segment business networks. One of the most important technical precautions a business can take is to divide its computer network into sections. Segment the company’s network and protect the sections with firewalls so that malware can’t easily travel throughout a system.
Other steps that businesses can and should take include effectively backing up their data on a regular basis.
Law enforcement officers generally advise against paying ransom because it encourages more crime. But the temptation for a company to pay is likely to be influenced by the value of the information in danger of being lost.
Aeilts is among the viewers of the ransomware episode who are interested in finding out whether Grey-Sloan Memorial pays the ransom or if justice prevails in some other way. The show returns from its winter break Thursday, January 18th, at 7 p.m. CST on ABC.
It’s only a TV show, but perhaps prime-time media attention will spur some businesses to prepare better for risks. The hope here is that businesses eventually become so well protected that the profit motive from deploying ransomware disappears. That wouldn’t make for a dramatic TV show, but it would be great for the business world.
Our latest cybersecurity posters include an infographic to educate your employees about ransomware. Use the button below to request a free download to print for your business.