Blockchain's Bid to Rid the World of Data BreachesPlus, Ransomware's 'Scorched Earth' Effect on Cloud-Based Operations
Leading the latest edition of the ISMG Security Report: Ransomware crypto-locks customer data stored by a cloud-based service provider. Also, there's a move afoot to use blockchains - public ledgers that list transactions chronologically and publicly - to better protect people's personally identifiable information.
In this report, you'll hear (click on player beneath image to listen):
- Crypto-locking malware hits the cloud: Analysis of the ransomware attack against cloud-based service provider Allscripts, which stores electronic health records for 7.2 million patients, by HealthcareInfoSecurity Executive Editor Marianne Kolbasuk McGee. Adam Kujawa, director of malware intelligence at security firm Malwarebytes, says ransomware attacks hit an all-time high in 2017 and are not going away anytime soon;
- Blockchains could reshape identity management: Blockchains could revolutionize how organizations access people's personal information, say Martha Bennett, a principal analyst with Forrester; Avivah Litan, a vice president and distinguished analyst at Gartner; and Zimbani's Ivan Niccolai. One massive potential benefit: Customers could be in control of their own information, lessening the risk posed by data breaches. But as ISMG Managing Editor for Security and Technology Jeremy Kirk reports, putting this into practice won't happen overnight (see Blockchain for Identity Management: It's Years Away).
- Data breaches break record: The total number of breaches reported in the United States increased from 2016 to 2017 by 45 percent, reaching a record high of 1,579 separate breaches. So says the Identity Theft Resource Center, a non-profit that helps ID theft victims. It found that in 2017, hacking remained the top cause of breaches, with phishing attacks as well as malware - including ransomware - cited as the leading attack vectors.
The ISMG Security Report appears on this and other ISMG websites on Fridays. Don't miss our Jan. 16 and Jan. 19 editions, which respectively analyze the move by U.S. healthcare companies to comply with the EU's General Data Protection Regulation and why some ransomware victims with working backups still pay ransoms instead of manually restoring all affected systems.
The next ISMG Security Report will be posted on Friday, Feb. 2.