How to tackle cyberattacks and improve cybersecurity
In Season 4, Episode 10 Decrypt , The Good Doctor, the IT specialist gets cornered when the hospital's systems got hacked. The claim was that some hackers had got into the system and encrypted all the files. So even a storage locker had to be broken into because the password didn't work.
Then the insurance company was called, because the hackers were demanding $2Million (₹15,13,86,680 ~ ₹15 Crores) , where the rep says that he will negotiate with the hackers, because they are amateurs.
The head of the hospital wasn't worried, till he finds out that the backups were also encrypted.
Then the saving grace is that one hard drive didn't get corrupted.
What this means, is that most files are locked with a key, which is with these hackers. Without access to these files, the systems relying on this data, won't work, patient files won't show.
Having been called to companies which got attacked by Ransomware, I can say that most of this can be avoided, if the right structure is put in place.
Today, cybersecurity is mainstream, far and away from the initial discussions we used to have to bring Ethical hacking conferences to life in 2012.
So in a nutshell, cybersecurity is about protecting your infrastructure from:
a) Leaking out data to the world
b) Protecting data from the world
My initial interactions with security solutions started with the first startup I worked with in 2003 in the mobile network space with RADIUS (Used a lot in today's VPNs like Cisco Anywhere) and DIAMETER solutions which focussed on AAA:
- Authentication: Authenticate the visitor
- Authorisation: Decide what authority the visitor gets, in terms of access control and which sections of your infrastructure they are allowed to access.
- Accounting: Create a complete audit trail of what the visitor is doing within the infrastructure. So CCTV footage can be considered as a form of accounting where it can be used to view what particular individuals are doing.