!!! IMPORTANT INFORMATION !!!
All of your files are encrypted with RSA-2048 and AES-129 ciphers.
Decrypting of the files is only possible with the private key and decrypt program, which is on our secret server.
Imagine you come into work one morning and the entire computer network is shut down and all files are inaccessible!
That’s what happened to a friend of mine who owns a business in New Jersey. On their network were two letters from hackers that had hacked into their computer system overnight – one that contained a link where they could get their ENCRYPTED files and network back and another that told them how to get the special software key needed to decrypt those files.
To receive the decrypt key, they would need to pay ransom of 5.1 bitcoins.
The letter said:
Send 5.1 BTC to Bitcoin address 1NMetz34bzt3kx1gKQvsvtGJIDWKRXxJR
Bitcoins are a digital online “cryptocurrency” that cannot be traced and can be converted into real dollars. In my friend’s case, the hackers were asking for 5.1 Bitcoins which is about $2,500.
Now they had a choice, pay the $2,500 and get their files and network back immediately or hope that they had the proper backups and spend time restoring the files and network. During that time, the business would effectively be shut down and all work stopped.
Working with their IT department they determined that all of the files were backed up and they could restore the files and the network very quickly. They decided to use the backups and within hours they were back at work with a fully restored network.
They restored their network and presumably, the hackers moved on to other businesses that weren’t as prepared and would be willing to pay the ransom. By keeping their dollar demands relatively small, it encourages businesses to pay the ransom rather than spend the time trying to recover their network. The time and effort to recover the network is often more costly than just paying the ransom demanded.
What if this same scenario happened at your facility?
If you’ve been reading the news lately you know that hackers are targeting healthcare facilities with this exact scenario. The response from facilities has been varied. Some have decided to pay the ransom; others were able to recover their networks on their own.
At this point, the entire healthcare industry is aware that hackers and ransomware represent a critical threat to their business and patients. Organizations are taking steps to address the issue but many don’t know where to turn first.
In part 2 of this article, we will look at steps compliance, IT and education can take to help increase security in your healthcare facility.