“These detection spikes and changes in tactics suggest that cybercriminals are investing more to infect systems and maximize their profits,” FireEye’s Ronghwa Chong writes. “Additionally, we have observed that the delivery of Dridex via this distribution channel seems to have stopped, or nearly so, which could explain why we are seeing the Locky uptick.”
A report published in March by the Institute for Critical Infrastructure Technology proclaimed that ransomware such as Locky, which it singled out, will “wreak havoc on America’s critical infrastructure community.” The following month, the Department of Homeland security issued an alert focusing on ransomware attacks against hospitals that also mentioned Locky.
The Department of Health and Human Services, last month, published guidance on ransomware, saying that the government considers such attacks a data breach unless there’s a low probability of information being compromised.
Your money or your PHI: OCR releases new guidance on HIPAA and ransomware: https://t.co/eitx0ZY2En— HHS OCR (@HHSOCR) July 11, 2016
The guidance reinforces the ways HIPAA compliance helps prevent and detect security threats, such as requiring entities to conduct risk analysis, implement procedures to safeguard against malicious software, train employees to detect malicious software and limit access to protected health information to only those who need it to perform their jobs.