For hackers, raiding servers for data and ferreting through it to extract nuggets of useful information is old hat. Far easier and – apparently more profitable – is ransomware, where hackers send out malware and “lock up” a computer or network, releasing it back to the control of its owners only when they pay a ransom.
Especially lucrative, hackers have found, are ransomware attacks against hospitals – institutions that generally don’t have high levels of computer security, but do have high-value information that needs to be protected.
It’s such institutions that Israeli cyber-security firm Votiro especially seeks to protect with its zero-day exploit — referring to brand-new threats — protection technology, with Jerusalem’s Alyn, Israel’s only pediatric and adolescent rehabilitation facility, the latest hospital in a growing list to adopt Votiro’s technology.
Hospitals are no more vulnerable than anyone else to malware, because most of it is delivered not through high-tech means that good cyber-defenses could protect against, but by decidedly low-tech phishing methods in which hackers send out scam emails with links or attachments loaded with a malicious payload that, once delivered, can quickly compromise a system. Hospitals, though, have more at stake than many other organizations, since they are accountable to patients, insurance companies, and government regulators.
In recent months, ransomware attacks against hospitals have wreaked havoc with hospital budgets, and with patient records. Last February, for example, Hollywood Hospital paid hackers 40 bitcoins – then worth about $17,000 – to free up the patient records that had been frozen by hacker ransomware. In March, hackers were able to seize control of the network of the Medstar hospital system in Maryland, freezing up records that it demanded an undisclosed amount of money for. According to the company, it did not accede to the hackers’ demands. Other hospitals have been hit as well, with one in Kansas attacked twice: After it paid the demanded ransom, the hospital was hit up again by the same group of hackers.
Votiro’s system prevents that malicious payload from getting onto a system in the first place. The company’s system “neutralizes” exploits by dissecting and reconstructing attachments and files that are sent in phishing messages – messages that appear to be legitimate, possibly from managers, friends, or other trusted sources. Unwitting recipients open these attachments and infect their own computers and networks, but Votiro then steps in, keeping those attachments in a special area where they can be checked, the problematic code can be removed and the legitimate data forwarded to the recipient.
According to Votiro, it’s the only way to protect systems, as relying on the good judgment of users is not an option.
“All incoming files and email messages undergo an active cleansing process that neutralizes unknown exploits without having to rely on signatures,” the company says of its technology. “The process is automatic and therefore does not rely on employees’ assessment of incoming files’ safety.”
The temptation to click on important-looking attachments is too great, according to this assessment; the best way to protect users from rogue files and attachments is to keep them away from users in the first place.
“We are very excited to be working with ALYN,” said Itay Glick, CEO and co-founder of Votiro. “As we have seen over the last several weeks with the increase of attacks against hospitals and medical centers, these facilities and the patients they care for can be placed in grave danger when they come under cyber attack.”
“Votiro’s technology plays a major role in our cybersecurity systems and information security defense arrays,” said Uri Inbar, director of IT at ALYN Hospital. “Its unique zero-day exploit protection technology has far exceeded our expectations, and we believe it to be an extremely important security solution that any organization should consider including in its information security fulfillment strategy. We enjoy working with Votiro, and we are extremely satisfied with their ongoing support.”