Montgomery General Hospital in West Virginia was forced to take its systems offline after it was breached and hit by a ransomware attack.
Most attacks now follow the same path: criminals breach an organization's security and steal whatever they can, then deploy some form of ransomware. The stolen documents are then used to extort money from the organization.
As it turns out, the Montgomery General Hospital incident highlighted the importance of some measures against such attacks, even when criminals do manage to compromise a company's security.
According to an Information Security Media Group report, hackers hit the hospital with a ransomware attack on March 1, but they may have infiltrated the infrastructure as early as Feb. 28. The attacker only managed to compromise a few servers holding mostly historical institutional data, such as old payments or budget documents.
Criminals asked for a $750,000 ransom and threatened to release the information online. They also "promised" to delete the stolen information if the payment went through.
"We could have attempted to pay the ransom, but the data was so old that it wasn't worth paying," said CEO Deborah Hill. "We were advised not to pay by law enforcement."
Since the old data could be recovered from existing backups and other partners, the attack on the hospital was fruitless. The attack's only real effect was a 24-hour offline period for all systems decided by the IT department to ensure that nothing else was compromised.
Some of the information ended up online anyway, but it shows that using backups, protection and cyber insurance can go a long way when dealing with ransomware attacks.
tags
Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.
View all postsDecember 19, 2024
November 14, 2024