Harknett is co-director of the Ohio Cyber Range Institute, chair of the Center for Cyber Strategy and Policy and director of the School of Public and International Affairs at the University of Cincinnati. He holds an affiliate faculty position with the University’s School of Information Technology.
“This has all of the markings of what we call a ransomware attack,” he told Fox 19.
Harknett said that Kettering Health’s decision to mitigate and monitor, while still operating its emergency services, was the best way to manage the threat in the short-term.
“In this case we call it cyber-resiliency. How resilient are you? Can you get your operations back up and running in a quick way?” he said.
Harknett also told WCPO that health care providers are a preferred target of cyber crime due to the sensitive data they hold. “They have a lot of valuable data, a lot of personal data. But they also have urgency,” said Harknett. The stakes are higher when organizations need their technology back to smoothly run hospital and emergency operations.
“If some of this data leaks, then there will be other kinds of criminal actors who then try to scam down the road,” he added.
Harknett said the number of cybergangs specializing in ransomware has nearly doubled in the last two years.
Harknett also broke down the modus operandi of many of these groups to the Dayton Daily News. “If we’re dealing with ransomware, one of the reasons that the health sector is seeing an increase in these types of attacks is, when you’re engaged in extortion, you want to coerce the other side to give you money. You want them to feel as much urgency as possible,” he said.
He explained that these types of groups typically have reputations they wish to uphold in their circles, and usually are unlikely to leak consumer data if the ransom terms are met. Then after the conclusion of an attack, they usually publicly reveal themselves.
“These are not your basement hooded hackers,” Harknett said.
