[LINK] FW: Urgent warning for aged care providers of potential ransomware attacks

Roger Clarke Roger.Clarke at xamax.com.au
Mon Aug 3 09:57:10 AEST 2020


From: Department of Health <donotreply at agedcareupdates.net.au>
Sent: Sunday, 2 August 2020 4:31 PM
> URGENT WARNING OF POTENTIAL RANSOMWARE ATTACKS ON AGED CARE PROVIDERS
> A major aged care provider has recently suffered a ransomware attack
with a partially successful attempt to encrypt and steal confidential
data in order to seek ransom payment. ...

[ The data privacy aspects pale into insignificance in comparison with
the denial of access to critical health care data.

[ Unfortunately, the standards of data security in organisations of all
sizes remain disastrously low.  We've long bleated about governments'
failure to set baselines and enforce them, e.g.:
http://www.rogerclarke.com/EC/SSACS.html#SS
http://www.xamax.com.au/EC/ISInfo.pdf
http://www.rogerclarke.com/EC/PBAR.html#PB

[ But the situation now is no better than it was a decade ago.

[ This morning's news of a successful ransom hit underlines the issues:

Travel giant CWT pays $6.3m ransom to cyber criminals
Jack Stubbs
itNews
Aug 1 2020

... The hackers initially demanded a payment of US$10 million to restore
CWT's files and delete all the stolen data, according to the messages
reviewed by Reuters. ...

[ The claim of 'stolen data' remains murky, and likely a red herring.
It appears that CWT had failed to establish suitable backup and recovery
procedures with a secure and sufficiently up-to-date copy of all relevant
data and software, and hence its operations were severely compromised
once it was locked out of the live versions of its databases. ]

__________


From: Department of Health <donotreply at agedcareupdates.net.au>
Sent: Sunday, 2 August 2020 4:31 PM

> URGENT WARNING OF POTENTIAL RANSOMWARE ATTACKS ON AGED CARE PROVIDERS
> A major aged care provider has recently suffered a ransomware attack with a partially successful attempt to encrypt and steal confidential data in order to seek ransom payment.
> The provider has proactively responded and secured their data, but it's possible some data has been published.
> Today the Australian Cyber Security Centre (ACSC) has produced a new advisory to assist you and your organisations.
> Please read this advisory<https://health.us10.list-manage.com/track/click?u=1108de8332cef333bc1956686&id=160c9582f0&e=deb2803d20> and note the following key recommendations from the ACSC:
> Never pay a ransom demand
> We recommend you do not pay the ransom if affected by Maze ransomware. There is no guarantee paying the ransom will fix your devices, and it could make you vulnerable to further attacks. Restore your files from backup<https://health.us10.list-manage.com/track/click?u=1108de8332cef333bc1956686&id=59a05712aa&e=deb2803d20> and seek technical advice.
> 
> Identify and backup critical information and systems
> Backing up and restoring<https://health.us10.list-manage.com/track/click?u=1108de8332cef333bc1956686&id=50d5cdec70&e=deb2803d20> your files offers peace of mind and makes it faster and easier to get up and running again following a ransomware attack.
> 
> Keep your systems and software up to date through regular patching
> All your personal or business devices including your phone, tablet, computer or laptop use software to run, such as operating systems like Microsoft Windows or Apple MacOS; and antivirus, web browsers or word processors at work.  These require regular patching to keep them up to date so that new vulnerabilities are addressed.
> 
> Use antivirus software and keep it up to date
> Install antivirus software on all devices and set the software to automatically check for updates<https://health.us10.list-manage.com/track/click?u=1108de8332cef333bc1956686&id=a1bb6fd2c1&e=deb2803d20> on a daily basis.
> You can access this advice as well as broader advice on how to improve your cyber resilience at cyber.gov.au<https://health.us10.list-manage.com/track/click?u=1108de8332cef333bc1956686&id=28053164bb&e=deb2803d20>.
> Department of Health
> 
> Copyright © 2020 Advice to the Aged Care Industry, All rights reserved.


-- 
Roger Clarke                            mailto:Roger.Clarke at xamax.com.au
T: +61 2 6288 6916   http://www.xamax.com.au  http://www.rogerclarke.com

Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA

Visiting Professor in the Faculty of Law            University of N.S.W.
Visiting Professor in Computer Science    Australian National University


