Hong Kong's Department of Health targeted by ransomware.

On July 15, 2018, Hong Kong's Department of Health fell prey to a ransomware attack. The attack occurred over a two-week period and infected three computers, encrypting all files stored on these compromised systems. Though the identity of the perpetrator is unknown, the attacker left behind an email address to contact for decryption keys–but made no demand for ransom.

The Department of Health indicated that none of the infected systems contained sensitive information. Since it had online backups for each of the infected computers, the Department of Health was able to promptly resume operations. As this case indicates, keeping regular backups of your data is one of the best ways to thwart ransomware attacks.

A recurring phenomenon.

Ransomware attacks targeting the healthcare industry appear to be a recent trend. An incident of graver nature occurred on June 27 in Singapore, where 1.5 million health records were compromised along with the prescription details of 160,000 people, including that of Singapore Prime Minister Lee Hsien Loong.

While every cyberattack is serious, some have more devastating results than others. COSCO’s attack, while plenty disconcerting and disruptive, doesn’t appear to be as serious as some of the ransomware attacks we've seen in the past—like last year when NotPetya cost shipping giant Maersk $300 million. The lesson we can all learn from these attacks is that mitigating threats after they've breached your network is far more expensive and time-insensitive than having a tool in place to detect suspicious activity in real time, and quickly shut it down before it spreads through your network.

Over the last few years, cyberattacks have been rising on a global level and new kinds of connected devices and avenues of entry have been added to enterprise networks. Both of these factors have made it increasingly challenging to prevent hackers from gaining access to confidential information. Adopting some best practices will help organizations combat these challenges.

Don't want to make the news for the wrong reasons? Download ManageEngine DataSecurity Plus, a tool that can detect, classify , and secure personal data , and mitigate ransomware attacks.

How can ManageEngine help?

Data Security Plus, our file monitoring solution, identifies and mitigates ransomware threats. This tool immediately notifies any involved stakeholders at the first sign of a data breach and shuts down the infected devices, preventing malware from causing further damage. Start a free, 30-day trial today.