A hospital in Indiana has coughed up $60,000 to attackers who infected its information systems with Samsam ransomware. The opportunistic hackers capitalised on the severe weather and a serious flu outbreak to force the hospital into paying out four bitcoins to have its patient records unencrypted. The miscreants have now restored access through the return of encryption keys and have not apparently stolen any sensitive data.
Hospitals had been alerted to the threat of the SamSam ransomware as long ago as 2016, but not all IT departments have taken preventative measures. In this instance, staff felt that they needed the data urgently, so reversion to backup hardware or offline records was dismissed as too slow.
This episode highlights the need for hospital IT departments to take into account the necessity for speedy access to records when devising and implementing its cybersecurity strategy.