Ransomware is not new in the sense that malware has long been able to encrypt files and do damage, said Erik Decker, a chief information security officer in the health care industry. But around 2015 or 2016, he said, organized crime began to leverage it as a tool in far more disruptive and destructive ways.
"Rather than just worried about onesie, twosie computers, it was more about the full attack chain and leveraging that as a weaponized tool to push through your environment and lock up your environment," Decker told Todd Fitzgerald, vice president of cybersecurity strategy at Cybersecurity Collaborative, during a podcast.
This was also around the time the health care sector began taking ransomware seriously, following the incident in which Hollywood Presbyterian Medical Center was taken offline by ransomware and eventually paid about $17,000 to regain access.
In addition to stealing your data, this threat actor came to shut down your systems unless you paid a ransom, Decker said. "That really, really scared the bejesus out of a lot of people."
In this episode of the CISO Stories podcast, Decker shares how forging relationships and having the appropriate risk-based discussions at the right levels helped address the challenge.
Erik Decker is a health care CISO with 21 years of IT experience, 15 of them within information security. He is the industry lead of the HHS CSA 405(d) Task Group and responsible for the development of the Health Industry Cybersecurity Practices (HICP) publication, which was recently designated as a "recognized cybersecurity practice" within PL 116-321, which amended HIPAA/HITECH. He is also a member of the Executive Council of the Health Sector Coordinating Council, a joint public-private partnership group tasked with protecting Critical Infrastructure, as defined under the National Infrastructure Protection Plan.