Ransomware Shuts Down Kentucky Hospital

The word "ransom" brings to mind Hollywood-esque letters constructed out of magazine clippings, perhaps demanding payment for the return of a high-profile hostage. As far-fetched as this scenario may seem, cybercriminals are in fact now using "ransomware" to hold organizations' own documents captive until the company pays for their release. 

Recently, such an attack hit a Kentucky hospital, encrypting the healthcare organization's files and effectively locking doctors and administrators out of their own system. Forced to shut down every desktop computer as it scanned them one-by-one for signs of the virus, the hospital declared an "internal state of emergency" as it was left processing transactions and logging treatments by hand. To regain access, the organization faced a ransom of four bitcoins, or about $1,600.

Organizations are often left with no choice but to pay the ransom.
  Healthcare organizations' data security needs are putting new demands on data networks every day.

Healthcare organizations' data security needs are putting new demands on data networks every day.

It took the healthcare organization five days to regain control of their network, which they say they were able to do without paying up. That being said, had the hospital been forced to pay for access, it would not have been the first. Earlier this year, a California hospital paid $17,000 to take back their network after a ransomware attack, NPR reported. When these sophisticated strains of malware infect a large organization, it is often left with no choice but to dish out the cash – few can afford to spend several days offline looking for an alternate solution. 

This type of attack is becoming more prevalent, according to antivirus software provider Norton. The company estimates cybercriminals net as much as $5 million from successful ransomware attacks each year.

To keep your network from being exposed, it's crucial your software stack is kept up to date, from your security programs to those you use for everyday operation. To ensure your system is equipped with robust security technology, ensure the company you are working with is built to support mission critical IT operaions. Your infrastructure provider should have a deep understanding of your IT environment.  This allows them to recommend the right products and systems to protect your infrastructure, as well as offer you the help you need when you need it. To understand which providers are a fit for your requirements, contact ARG today