DZone
Performance Zone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
  • Refcardz
  • Trend Reports
  • Webinars
  • Zones
  • |
    • Agile
    • AI
    • Big Data
    • Cloud
    • Database
    • DevOps
    • Integration
    • IoT
    • Java
    • Microservices
    • Open Source
    • Performance
    • Security
    • Web Dev
DZone > Performance Zone > Beating Ransomware: A Race Against Time

Beating Ransomware: A Race Against Time

Ransomware has proved itself to be a lucrative attack against organizations in many industries. Attacks against healthcare, in particular, have more than doubled in recent years, as both information theft and targeted attacks for monetary gain.

Jeannie Warner user avatar by
Jeannie Warner
·
Aug. 09, 16 · Performance Zone · Opinion
Like (3)
Save
Tweet
1.79K Views

Join the DZone community and get the full member experience.

Join For Free

Ransomware has proved itself to be a lucrative attack against organizations in many industries. Attacks against healthcare, in particular, have more than doubled in recent years, as both information theft and targeted attacks for monetary gain. There are already warning stories in the news about criminals using exploits created from unpatched systems and newer vulnerabilities to demand payment (usually in Bitcoin for anonymity) to decrypt files and databases.

On Thursday, April 21, 2016, the FBI contacted a number of healthcare providers, alerting that some of their public-facing web applications were deemed vulnerable to a JBOSS vulnerability that led to an attack called Samas.A, an exploit using the Python tool Jexboss (normally used in vulnerability testing) to introduce ransomware into a system. Threat actors had already created exploits found in the wild and were actively engaged in targeting various organizations by holding their information hostage. One of these healthcare organizations was a customer of WhiteHat Security.

This healthcare provider recognized the severity and potential damage of the situation if they did not remediate, as they had multiple web pages and applications. While the cost to pay the cyber criminals their ransom would have been high, our Healthcare customer was more concerned with the immeasurable damage to the brand, as well as the impact on the customers and government regulations for any possible disclosure of data.

With these concerns in mind, they were keen to resolve the vulnerability straightaway. Our customer reached out to WhiteHat Security for assistance that same day. As a trusted security advisor, WhiteHat was able to provide two primary support services through the crisis:

  • A team of subject matter experts that could provide information, instructions, and constant support
  • Continuous testing, retesting and verification as fixes were being made to identify all instances of JBOSS vulnerabilities over the next 24-48 hours

Without hesitation, WhiteHat Security constructed a response team to provide support particular to our customer. Comprised of subject matter experts with knowledge of the customer’s environment as well as a deep understanding of the code exploit and service vulnerability, they were able to provide specific guidance on how to contain and remediate large outbreaks. The team remained on call and available for meetings, provided vulnerability-specific expertise, and tested against the customer’s production environments.

By close of business the next day, all analysis and defects were completed, allowing the healthcare provider to implement all fixes over the weekend. Additionally, the team made themselves available during the fixes just in case any strange instances needed to be on-boarded, tested, retested, or validated. By Monday, the WhiteHat Security customer support team was officially released to stand down, emergency over.

The WhiteHat Security 2016 Web Applications Security Statistics Report shows that 50% of the web applications in the Healthcare industry are currently operating with unpatched vulnerabilities. Join us in the fight to improve these odds, help keep patient records safe, and keep your organization out of the news.

security Vulnerability application Web Service teams Database Healthcare industry News

Published at DZone with permission of Jeannie Warner, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • Event-Driven Hello World Program
  • Five Tips to Fasten Your Skewed Joins in Apache Spark
  • Which JVM Version Is the Fastest?
  • MACH Architecture Explained

Comments

Performance Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • MVB Program
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends:

DZone.com is powered by 

AnswerHub logo