Reality or just entertaining TV? Cyber experts dig into the Good Doctor’s ransomware episode
February 24, 2021 – Article posted on SCMagazine
On the ABC medical drama “The Good Doctor,” the surgeons at San Jose St. Bonaventure Hospital constantly find themselves making life-or-death ethical and medical decisions.
But last Monday night, when the facility was infected with a ransomware program, the hospital staffers were forced to make another critical choice: Pay or don’t pay?
The premise was, as they often say in television, ripped from the headlines.
Of course, boiling down the intricacies of a hospital ransomware incident into an hour-long drama is no easy task. But the season-four episode “Decrypt” did capture many of the key elements that play into an attack scenario, including incident response, the role of cyber insurance agencies, and the ethics of paying.
SC Media asked two cyber experts with health care experience for their own take on which parts of the episode…
…Tony Cook, head of threat intelligence at GuidePoint Security, thought the graveness of an attack could have been even more starkly represented. “After having the unfortunate experience of working a few incidents involving ransomed hospitals I’m not sure this episode quite hit the mark on how serious a ransomware attack can be,” he said….
…Offsite backups may have been affected by the attack by having some means of persistence or resident malware on them from when the backups occurred, but it’s highly doubtful that true ‘offline’ backups were affected by the ransomware itself. In some cases, it’s possible to clean offline backups to restore from even if they were affected.”
Read more HERE.