Ransomware Bites 400 Veterinary Hospitals — Krebs on Security
National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA says it expects to have all facilities fully back up and running normally within the next week.
Colin Bastable, CEO of security awareness training company Lucy Security, commented:
“Ninety-seven percent of successful attacks involve some form of social engineering, and over 90% start with a phishing email. The more that we train people to be security aware, the less successful hackers will be. Hackers are in business to make serious money – most employees go to work to pay the bills and stay employed, so offense is always more motivated than defense. Spending retrospective dollars on defensive technology alone may be less effective than investing in both technology defenses and staff cyber-awareness training.
When I demonstrate spoofing emails, around 10% of them get straight through to the prospect, after they always assure me that they have perfect defenses. This is especially so in government, which explains why ransomware is so effective in crippling state and local government.
Ransomware attacks can wipe out entire systems in minutes – have a recovery plan and know what you will do when you are hit. Planning in advance is better than making it up when you have no phones, no email and no data.”