NEWS
NEWS
NEWS
Hospital pays ransomware demands, but criminals demand more
There are several reasons why the most common advice for dealing with ransomware is “don’t pay it.” Once you’ve shown cyber criminals that you’re willing to pay money to retrieve your data, there’s nothing stopping them from targeting you again, if they even uphold their end of the deal.
Such is the case for Wichita-based Kansas Heart Hospital, which fell victim to ransomware, and decided to pay up. But to their surprise, criminals who would lock a hospital out from its vital data did not have the moral backbone to hold up their end of the bargain, providing only partial access and demanding more money.
The good news for the hospital and its patients, Fox News reports, is that patient information is not at risk, and was never jeopardized by the ransomware attack. Exactly what information was stolen has not been revealed, but it is apparently important enough for the hospital to decide paying the ransom was the right move.
According to TechSpot, the hospital is not paying any further ransom, and has a strategy in place to minimize the damage. It’s not the first hospital to pay a ransomware attacker’s demands – which typically range in the tens of thousands of dollars – but doing so is ill advised.
“Paying a ransom doesn’t guarantee an organization that it will get its data back,” explained FBI Cyber Division Assistant Director James Trainor. “We’ve seen cases where organizations never got decryption keys after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”
Instead, he recommends organizations focus more on prevention efforts, not only in technical prevention controls, but in awareness and training for employees, as well as a solid business continuity plan, including regular and secure backups.
Fortunately for Kansas Heart Hospital, it had a continuity plan in place. Unfortunately, getting back that money it paid the criminals along with the stolen data will be a more difficult task.
photo credit: Peg legged pirate robber via photopin (license)
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
