This Month Only! >> $20 off and a FREE SHRM tote with your membership and code TOTE2018!
Sign up for free email newsletters and get more SHRM content delivered to your inbox.
Is your employee handbook keeping up with the changing world of work? With SHRM's Employee Handbook Builder get peace of mind that your handbook is up-to-date.
Build competencies, establish credibility and advance your career—while earning PDCs—at SHRM Seminars in 12 cities across the U.S. this spring.
#SHRM18 will expand your perspective – on your organization, on your career, and on the way you approach HR. Join us in Chicago June 17-20, 2018
Members may download one copy of our sample forms and templates for your personal use within your organization. Please note that all such forms and policies should be reviewed by your legal counsel for compliance with applicable law, and should be modified to suit your organization’s culture, industry, and practices. Neither members nor non-members may reproduce such samples in any other way (e.g., to republish in a book or use for a commercial purpose) without SHRM’s permission. To request permission for specific items, click on the “reuse permissions” button on the page where you find the item.
A cyberattack that crippled more than 200,000 hospitals, offices, schools and other organizations in more than 150 countries worldwide this weekend hasn't been as widespread Monday in the U.S. as experts feared.
But it ripped through the rest of the world.
Known as WannaCrypt or WannaCry, the ransomware is believed to have been developed and then stolen from National Security Agency.
"The initial attack, known as 'WannaCry,' paralyzed computers that ran Britain's hospital network, Germany's national railway and scores of other companies and government agencies around the world" including entities in Russia,
The Associated Press reported. (The Associated Press)
Security awareness training firm KnowBe4 cautioned companies to heed new alerts from Microsoft and the FBI, and offered these tips for companies on prevention and mitigation (SHRM Online):
Ransomware Attacks On The Rise
Ransomware attacks have risen steadily within the last year. Security experts say this weekend's attack is the worst, caused by the most widespread malware they've ever seen. A 22-year-old IT researcher in the U.K. slowed the spread of the virus Saturday, though more reports surfaced Monday of newly infected computers. (CNN Money)
HR professionals have seen ransomware attacks like this before, in which computers are infected with a virus and data held hostage until a ransom is paid. (SHRM Online)
Hackers demanded $300 in ransom from banks, government agencies, hospitals, factories, and transportation systems in dozens of places, including Brazil, China, India, Japan, Russia, Ukraine and Spain. The longer the ransom is not paid, the more the ransom increases. Security analysts feared the ransomware attack could spread as employees turned on their computers Monday and tried to work on infected devices and machines. Governments and officials worldwide raced to contain the fallout from the cyberattack over fears their failure would cause companies to lose their data unless they paid the ransom. (CNN)
Hospitals were hit, too. One doctor told Sky News that hackers had "stopped access to everything, including patients' medical records" and warned: "'It could be potentially life-threatening.'"
Some hospitals stopped sending ambulances, canceled surgeries and shut their computer systems down to prevent spreading the virus and endangering more data. (Sky News)
[SHRM members-only HR Q&A: How to Safeguard Employee Information]
HR and Hospitals: Goldmine for Hackers
HR professionals should prepare for more ransomware demands as they are often the first line of defense against cybercrime and the keepers of the most sensitive employee data: social security numbers, dates of birth and other personal details. Backing up files, encrypting data and patching software is of paramount importance. (SHRM Online)
In fact, the National Health Service, England's publicly funded healthcare system, was reportedly given a patch that would have prevented the hospital system from being hacked. But it was never used. (The Mirror)
Hospitals are especially attractive to hackers because they, too, contain a treasure trove of personal data that can then be exploited or sold on the black market online.
Trend Micro, a Los Angeles-based global security software company, reports that "more than 26 percent of all data breaches occur in health care, making it the No. 1 targeted industry in the U.S."
And although experts advise backing up files, hackers are targeting those backup files, too.
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Please sign in as a SHRM member before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
Become a SHRM Member
SHRM’s HR Vendor Directory contains over 10,000 companies