Unintended Consequences

From today's ABC News publication: "Paying thousands of dollars to resolve a serious attack that has penetrated a multimillion dollar business such as a large hospital would be "a no brainer," said James Carder, chief information security officer of LogRhythm, a security intelligence and analytics firm."  https://abcnews.go.com/Technology/wireStory/hospital-pays-thousands-end-attack-ransomware-37020323 

We don't negotiate with terrorists. Or do we?  The generations-old statement synonymous with American public posture has taken a few hits in recent years.  From the trade of Sgt. Bowe Bergdahl for a handful of notorious GTMO prisoners to today's revelation of Hollywood Presbyterian Medical Center's (HPMC) ransom payment of $17,000 to unlock their own patient data brings the once forbidden territory to new possibilities.

Until 2001, Colombia was the kidnap center of the world with the majority of all successful kidnap-ransom matters in that country alone (in 2013 they moved to 6th place).  With a federal government incapable of routing the FARC or ELC, who could blame them?  Mafia-style protection rackets succeed nicely where governments lack the capacity to provide real security to the citizens it serves.  Terror organizations from the Taliban to ISIS have made kidnap-ransom a regular part of their revenue flow, especially when an unstable government is the law of the land.  Ransomware attacks are simply the next generation of criminals taking advantage of the government's weakness in the wild west of the world wide web.

And while LogRhythm's CSO James Carder is correct in his assessment of the hospital's decision on many levels, the promotional consequence of bowing to pressure from cyberterrorists is more than certain to inspire additional attacks.  

Cybersecurity for public entities needs to become more than just the guy we hired at city hall to be more responsive resetting my password.  Until that happens, I'd expect to see an expansion of ransomware to the public sector.