Other industries have similar regulations (the financial sector, telecommunications, merchants, government institutions, education, etc.) that require data breach notifications to be issued, all with the purpose of protecting the affected persons from identity theft, credit card fraud, etc.
The types of data breaches that need to be reported are categorized by cause: payment card fraud, hacking or malware, insider, physical loss, portable/stationary device, unintentional disclosure and unknown.
The data breaches to be reported are those incidents where data has been put at risk of unauthorized access or dissemination. Since Ransomware destroys data or prevents access to it, incidents involving it are not regarded as data breaches (but as business continuity incidents), although there is no guarantee that the information encrypted by Ransomware is not uploaded to hackers’ computers as well.
Lately, Ransomware has become stronger, more sophisticated and more dangerous, as pointed out by Symantec's latest report on the matter.
Some key findings of the “Special Report: Ransomware and Businesses 2016”:
“While ransomware attacks to date have been largely indiscriminate, there is evidence that attackers have a growing interest in hitting businesses with targeted attacks.”
“A number of ransomware groups have begun using advanced attack techniques, displaying a level of expertise similar to that seen in many cyberespionage attacks.”
“The average ransom demand has more than doubled and is now $679, up from $294 at the end of 2015.”
These findings support the idea that Ransomware should be a leading concern for data security and compliance, and that enterprise ransomware protection should be part of corporate security strategies.
In July 2016, two members of Congress, Ted W. Lieu and Will Hurd, addressed a letter to the Deputy Director for Health Information Privacy, Office for Civil Rights, in which they stress the importance of differentiating Ransomware from common malware and hacking activities. They recommend the inclusion of specific requirements to mitigate the associated risks and provide guidelines on how to handle Ransomware infection cases.
In September 2016, the FBI issued a Public Service Announcement entitled “Ransomware Victims Urged to Report Infections to Federal Law Enforcement”. The announcement presents the Ransomware threats and describes how incident reporting helps the national cyber security teams develop means to protect against future attacks.
Ransomware victims should report the attacks here (the FBI Internet Crime Complaint Center): https://www.ic3.gov/default.aspx
In October 2016, two healthcare institutions reported Ransomware attacks as data breaches under HITECH following the Congress advisory and the FBI request, although HITECH itself does not require entities to report Ransomware attacks yet.
USC Keck and Norris Hospitals issued this notice in this respect: https://oag.ca.gov/system/files/NOTICE%20%5BFINAL%5D_0.pdf?
Anne M. Cummings, M.D. F.A.C.P filed this notice in this regard: https://oag.ca.gov/system/files/Cummings%20Notice%20A_0.pdf?
Reporting Ransomware incidents will help companies and authorities gain awareness and develop better methods to respond to such incidents. TEMASOFT develops specialized anti-ransomware software that detects and blocks Ransomware in seconds, allowing recovery of damaged files (including in successful ransomware attacks, if the technology is running at the time of the attack). Such technology is a critical part of an enterprise ransomware protection strategy, together with awareness training and anti-virus solutions for multilayered security.
References
Symantec Special Report: Ransomware and Businesses 2016: http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/ISTR2016_Ransomware_and_Businesses.pdf
FBI Public Service Announcement: https://www.ic3.gov/media/2016/160915.aspx
This post was last modified on August 21, 2023 7:27 am