American Hospital Paid 4 Bitcoin ($55,000) Ransom to Regain Access to 1,400 Files
Greenfield — US-based Hancock Health hospital has paid a ransom of 4 bitcoin ($55,000) of regaining access to its computer systems 1,400 files encrypted by hackers.
Hancock Health, a Greenfield-based hospital, Indiana, said they'd acknowledged the attack of SamSam (aka Samas) ransomware at 9:30 PM on Thursday, January 11, 2018, when employees of the hospital got locked out of the systems and were encountered with the ransom note.
The attack used ransomware, a kind of computer malware that locks up computers until a ransom is paid, usually in the form of Bitcoin.
Through the effective teamwork of the Hancock technology team, an expert technology consulting group, and our clinical team, Hancock was able to recover the use of its computers, and at this time, there is no evidence that any patient information was adversely affected. the hospital reported on Monday, January 15.As per to the local media of Greenfield, the hackers targeted the hospital systems files and temporarily changed the names of everyone files to "I'm sorry."
An analysis since the attack confirmed no personal patient information was taken by the hackers, believed to be located in eastern Europe, the affected files were backed up and could have been recovered, but restoring them would take days — maybe even weeks — and would be costly, Said Hancock Health CEO Steve Long.The hacker asked for four bitcoin, a virtual currency used to make an anonymous transaction which is nearly impossible to trace. at the time of the transfer, those four bitcoin valued about $55,000.
How did the hacker manage to break in?
Hospital CEO says that the compromise was not by an employee opening a malicious email attachment, instead, the hacker accessed the hospital remote access portal with an outside vendor's username and password and deployed the ransomware on computers across the network.