Cyber security concerns were at the forefront of technology news in November, and for good reason. Uber’s victimization at the hands of hackers became widespread knowledge, thereby shaking confidence in the company’s ability to protect its users.
What’s more, ransomware continued to grow at a frighteningly fast pace. Sales of this malicious software that encrypts data and holds it for ransom skyrocketed, according to recent industry reports. What’s more, ransomware was named as one of the biggest hazards for health technologies.
While these revelations are certainly scary, the best way to solve the cyber security problem facing the enterprise is to deeply understand it. To that end, let’s explore some of the biggest stories in the news this month and dissect what they mean for businesses and consumers.
Uber Paid Off Hackers
November was something of a bleak month for Uber, the ride-sharing giant that has dominated the space for years. However, this most recent story isn’t about the company’s cars or drivers. Rather, this event had to do with the personal data of 57 million people and how hackers used it to get $100,000 out of Uber.
According to Bloomberg Technology, the trouble started in October 2016 when cyber criminals gained access to the names, email addresses and phone numbers of 50 million customers. What’s more, these hackers were also able to steal the data of around 7 million drivers.
While that is certainly bad enough, the factor making this such a huge story was that Uber’s chief security officer Joe Sullivan decided the best course of action was to pay the hackers $100,000 to delete this information.
It seems that this payment was part of an attempt to keep the hack out of the public space. This chief security officer – along with one of his deputies – wanted to avoid a PR nightmare by simply paying off the criminals. However, as the FBI and many other agencies state, giving a hacker money is never a good idea. Not only does this embolden the cyber criminal to break the law again, but it can also be illegal.
In fact, Bloomberg Technology stated that New York Attorney General Eric Schneiderman has since begun an investigation into Uber’s handling of this event. What’s more, Uber has been sued for negligence in this case.
The backlash from this event continues to ripple. Sullivan has lost his job along with the deputy who helped him, and Uber’s public persona is forever damaged. This, combined with the class action lawsuit concerning the sexual assault of riders, is going to plague the company for some time.
Ransomware Costs Skyrocket
Ransomware has been a major problem for cyber security experts for some time now. Although there’s many reasons for this rise in popularity among hackers, one of the most dangerous is something called Ransomware-as-a-Service. This term is used to describe the creation of ransomware solely for sale on the dark web. What’s more, it looks like this industry is growing by leaps and bounds.
Another report found that ransomware sales on the dark web grew 2,502 percent between 2016 and 2016. This is a very clear indication that the RaaS industry is booming, which is a terrifying prospect. The reason that RaaS is so scary is twofold. First, it means that an extremely complicated weapon can find its way into the hands of a novice. A lot of “script kiddies” with a lack of technical expertise are buying ransomware online, and many don’t have a full understanding of how it works. This could lead to a swath of businesses paying hackers to decrypt their data, only to find that this person doesn’t even know how.
On top of that, it looks like the price of ransomware kits is staying low. We found the average price of these products to be $10.50, with some being sold for only $0.50.
Ransomware Named Biggest Health Technology Hazard
Clearly, ransomware poses a major threat to all industries. However, a recent release from the Emergency Care Research Institute pointed out just how big of a problem it is for healthcare. The organization named ransomware the biggest health technology hazard for 2018.
While it’s certainly good to see industry experts coming together to point out the inherent dangers of ransomware, it’s not surprising to see this malware variant top the list of threats for the medical industry. This malicious piece of software has always been a major problem for the sector due to its need for consistent access to patient information. Healthcare data can quite literally mean the difference between life and death, and many organizations opt to simply pay the hacker rather than work without information.
While all of these threats may seem overwhelming, it’s important to not become paralyzed with fear. Organizations within affected industries need to use this information as a kick in the pants to increase cyber security protections. Hackers aren’t going anywhere, so it’s up to the good guys to create solutions and ensure the safety of private data.