Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
Ransomware is pretty dreadful when it hits consumer PCs and smartphones. But ransomware is also frequently being used to target organizations and institutions around the world. WannaCry’s effect on the UK NHS public healthcare system last year highlighted how harmful ransomware can be when it hits hospital computers.
This past February, I wrote about a ransomware attack on an American hospital where the target actually paid the ransom in order to restore operations:
“On January 11th, Hancock Regional Hospital in Indiana discovered that their computers had been infected with SamSam ransomware, a malware variant which has existed since early 2016. The hospital decided to pay the four Bitcoin ransom in order to get their files decrypted, which was worth around $55,000 USD at the time…
Hancock Regional Hospital is the anchor of the Hancock Health network, with several facilities in the area east of Indianapolis. The Regional Hospital itself is in Greenfield, Indiana.
When hospital workers discovered the SamSam attack on January 11th, they engaged their incident response and crisis management plan and engaged the hospital legal team and an outside cybersecurity firm. They also contacted the FBI cybercrime task force…
‘We were in a very precarious situation at the time of the attack,’ Hancock Health CEO Steve Long said. ‘With the ice and snow storm at hand, coupled with the one of the worst flu seasons in memory, we wanted to recover our systems in the quickest way possible and avoid extending the burden toward other hospitals of diverting patients. Restoring from backup was considered, though we made the deliberate decision to pay the ransom to expedite our return to full operations.’”
In similar fashion, on July 15th, workers at Mahatma Gandhi Mission Hospital in Navi Mumbai, India discovered ransomware on their computers. On that day, hospital administrators found their computer systems locked, and an encrypted message demanded a Bitcoin ransom for decryption. They found that all of their data from the past fifteen days was also encrypted, and computerized billing and prescription systems were inoperable. The amount of the ransom and the strain of ransomware used has not been reported.
The Cyber Cell of Navi Mumbai police are investigating the incident. “We are trying to ascertain the Internet Protocol Address (IP) from where the email (demanding ransom) originated,” said Deputy Commissioner of Police Tushar Doshi.
Meanwhile another Indian hospital was recently hit by ransomware as well. The attack on MGM New Bombay Hospital in Vashi, India was also discovered on July 15th. The affected systems and data and the strain of ransomware haven’t been reported. The ransom demanded Bitcoin but didn’t specify an amount.
Hospital administrator P.K. Shashanker said “Around 9 PM on Sunday, a system message popped up saying that our system had been hacked and we should contact the culprits to retrieve our data. They had provided an email address, but we did not write to them and filed an FIR on Monday. Our technical team is working on retrieving the data. The hospital has not faced any financial loss.” Vashi Police are investigating.
I can’t be certain with limited information, but I suspect that the attacks may be connected and deployed by the same cyber attackers. Both attacks were discovered on July 15th, and both targeted Indian hospitals.
There are reasons why hospitals are often ransomware targets. Stu Sjouwerman of Cybersecurity firm KnowBe4 said “If you have patients, you are going to panic way quicker than if you are selling sheet metal. (Hospitals) have not trained their employees on security awareness … and hospitals don’t focus on cybersecurity in general.”
Sjouwerman also says that American hospitals are often focused on HIPAA compliance for medical data privacy instead. HIPAA compliance and protecting medical data is important. But so is teaching hospital staff not to open email attachments from unfamiliar entities and properly securing Remote Desktop Protocol implementations, two frequent vectors of ransomware attacks. Data privacy, ransomware prevention, why not do both?
Sjouwerman continued, stating that security awareness training for staff is quite feasible and is worth the effort. “You can actually truly get a dramatic decrease in click-happy employees. You send them frequent simulated phishing attacks, and it starts to become a game. You make it part of your culture and if you, once a month, send a simulated attack, that will get people on their toes.”
Ransomware Protection Software
Tags: Ransomware attacks,cybersecurity,wannacry
Reading Time: 2 minutes Cyber breaches are quite common in the medical industry. In 2019 alone, over 40 million patient records were breached, an almost 50% increase in cases from the previous year. With COVID-19 increasing the need for healthcare and forcing more interactions between providers and patients to take place online, the risk of cyber breaches has increased….
Reading Time: 2 minutes Ransomware is a dilemma that we have been facing for quite some time now. However, in 2020, we have seen a significant rise in the total number and variety of ransomware attacks. This latest ransomware boom is most probably the outcome of organized cyber-criminal networks recognizing the revenue-generating potential of this ‘business model’—amounting to over…
Reading Time: 3 minutes Overview One of thefirst times the public witnessedfirsthandand realized the power of ransomware was when WannaCry broke out in 2017. The government, education, hospitals, energy, communications, manufacturing and many other key information infrastructure sectors suffered unprecedented losses.Looking back, thatwas just the beginning, as there have since been many versions, such asSimpleLocker, SamSam and WannaDecryptor for…
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
See how your organization scores against cybersecurity threats