UPDATED 16:31 EDT / MAY 25 2016

NEWS

Hospital pays ransomware demands, but criminals demand more

There are several reasons why the most common advice for dealing with ransomware is “don’t pay it.” Once you’ve shown cyber criminals that you’re willing to pay money to retrieve your data, there’s nothing stopping them from targeting you again, if they even uphold their end of the deal.

Such is the case for Wichita-based Kansas Heart Hospital, which fell victim to ransomware, and decided to pay up. But to their surprise, criminals who would lock a hospital out from its vital data did not have the moral backbone to hold up their end of the bargain, providing only partial access and demanding more money.

The good news for the hospital and its patients, Fox News reports, is that patient information is not at risk, and was never jeopardized by the ransomware attack. Exactly what information was stolen has not been revealed, but it is apparently important enough for the hospital to decide paying the ransom was the right move.

According to TechSpot, the hospital is not paying any further ransom, and has a strategy in place to minimize the damage. It’s not the first hospital to pay a ransomware attacker’s demands – which typically range in the tens of thousands of dollars – but doing so is ill advised.

“Paying a ransom doesn’t guarantee an organization that it will get its data back,” explained FBI Cyber Division Assistant Director James Trainor. “We’ve seen cases where organizations never got decryption keys after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”

Instead, he recommends organizations focus more on prevention efforts, not only in technical prevention controls, but in awareness and training for employees, as well as a solid business continuity plan, including regular and secure backups.

Fortunately for Kansas Heart Hospital, it had a continuity plan in place. Unfortunately, getting back that money it paid the criminals along with the stolen data will be a more difficult task.

photo credit: Peg legged pirate robber via photopin (license)

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU