In case Ransomware wasn’t in the news or on our page enough, it seems
another major case of this ever-popular form of attack was reported yesterday
by Brian Krebs. The victim this time? Yet another hospital: the
Methodist Hospital in Henderson, Kentucky. The hospital’s spokesperson was
certain, however, that no patient data was lost or harmed, which is very
fortunate. But this is also the third major case of Ransomware infecting hospitals
in the past several weeks, and it shows the need for vigilance against this form
of malware.
After speaking with the hospital’s information systems
director, Krebs On Security found
that the particular form of Ransomware in this case is “Locky,” a variant that
ESET’s We Live Security covered in
this article just last week. This type encrypts files, documents, images, and
even videos on an infected hard drive, and then deletes the originals,
requiring the victim to pay a ransom to gain access to their files.
It is unclear if the hospital had proper backups in place,
but they decided to shut down their computers and scan them one at a time to
prevent the infection from spreading to other systems. The hospital said that
paying the ransom was an option that they have considered, but that they would
not pay unless absolutely necessary.
In this incident, the Ransomware infected their systems due
to an employee opening a spam email with an attachment that was infected. This
sort of trickery seems to be common in many forms of attacks, and further
demonstrates how important it is to be careful of suspicious emails.
The cybercriminals are demanding a rather small amount in
this case, roughly $1,600, but this isn’t generally the case. Last month, a
Hollywood hospital was infected with Ransomware, and the attackers demanded
about $3.6 million.
This may suggest that the attackers in the Methodist Hospital
case were less aware of what they had encrypted, and may not have
specifically targeted that particular hospital. Blanket attacks like these are
not uncommon: the booby-trapped email is sent to many email addresses
in hopes that several will be opened, often without much awareness of who
is receiving the emails.
Whatever the case may have been here, Krebs warns in his
article that it’s possible that Ransomware attacks may become more targeted as
they mature. He also expresses concern that the criminals may in the future pay
closer attention to what they have encrypted, and then demand higher amounts
based on the perceived value. In cases like this hospital, that could prove
very harmful to their business.
All of this again just reinforces the importance of having a
consistent and reliable backup. This is the best and most reliable safeguard
against Ransomware, and is a good practice to keep safe from other attacks that
may potentially corrupt your files. If you haven’t done so yet, now is an
excellent time to start working on a standard backup policy for your business.
Need help in planning a backup and recovery strategy? Astria
Business Solutions can assist you in your Information Security goals. To find
out more or to contact us, visit our website at AstriaBiz.com.