Wednesday, January 15, 2020

Ransomware Hackers Now Threatening to Expose and/or Sell Patient Data


News is now starting to show up on the web that, in addition to encrypting drives in healthcare settings with ransomware, hackers are threatening to expose PHI (Protected Health Information) on the Internet. This double-pronged attack is one more way that nefarious actors try to force victims to pay the ransom.

This latest trick works like this: once hackers gain access to a system, they download a perfectly viable copy of the data and keep it. Then they plant the ransomware, which encrypts the victim’s hard drive. In most instances, when the hard drive is encrypted, the computer screen shows a message with instructions for how to pay the ransom and often a countdown timer showing how much time remains before the data will be destroyed.

Now, in addition to that, the message also says that unless the ransom is paid, all the downloaded data will either be made available on the web or sold to the highest bidder. The victim is caught in a huge vise with this. Not only do they need their data, but if it is released there is also the potential for huge fines due to HIPAA violations.

Even if an office has good restorable backups and can recreate its data easily, the fear of this PHI exposure may be more than enough reason to pay the ransom.

This whole data theft area is becoming dicier by the minute and is one more great reason to turn your network security over to professionals...
