[News] Kansas hospital pays ransomware demand, doesn't get files back

QRDA1 file
by ChrisFNP - 02/20/2025 5:15 PM

Prescription Drug Monitoring
by ChrisFNP - 02/20/2025 5:13 PM

Replace Updox?
by ACZ - 02/19/2025 6:41 PM

New Order of Imported Items
by ChrisFNP - 02/19/2025 11:02 AM

QRDA1 file
by It's me - 02/17/2025 9:56 PM

Prescriptions
by ChrisFNP - 02/15/2025 4:29 PM

Problems with eRx and EPCS!!!
by Bert - 02/10/2025 7:53 AM

Bert
Maine

Posts: 12,864
Joined: September 2003

Print Thread

Rate Thread

[News] Kansas hospital pays ransomware demand, doesn't get files back #69110 05/25/2016 5:56 PM
Joined: Apr 2011 Posts: 2,316 Likes: 2 California Sandeep OP G Member
OP Sandeep G Member Joined: Apr 2011 Posts: 2,316 Likes: 2 California	Quote Negotiating with criminals doesn't always work out, as Kansas Heart Hospital in Wichita learned last week. The hospital paid to get files back after falling victim to ransomware, but only got "partial access" and a demand for more money, Techspot is reporting. That's right: the criminals got their ransom, and then decided they wanted more money. The hospital's president, Dr. Greg Duick says the hospital is not paying up. "I'm not at liberty, because it's an ongoing investigation, to say the actual exact amount," said Duick. "A small amount was [paid]." The hospital had a plan for this sort of attack, and it's not clear why it didn't work. Without more details from Kansas Heart, it's hard to say. But there's at least one bright side. Source - Fox News Sandeep Luthra \| LTMedical.net 2023 Practice Systems now available

Re: [News] Kansas hospital pays ransomware demand, doesn't get files back Sandeep #69111 05/25/2016 6:53 PM
Joined: Nov 2006 Posts: 2,084 Central Florida ryanjo Member
ryanjo Member Joined: Nov 2006 Posts: 2,084 Central Florida	I wonder if this was the "Locky" ransomeware. The email looks like a request for payment with an attachment "invoice". When you open the attachment, it asks you to allow macros. If you do, it encrypts your files and demands payment to unlock, usually in bitcoin. It has come to several of our office emails, including an email linked to our Updox workspace. Fortunately none of our staff have fallen for it. John Internal Medicine

Re: [News] Kansas hospital pays ransomware demand, doesn't get files back Sandeep #69112 05/25/2016 7:39 PM
Joined: Sep 2003 Posts: 12,864 Likes: 32 Maine Bert Member
Bert Member Joined: Sep 2003 Posts: 12,864 Likes: 32 Maine	MalwareBytes recommends strongly that you NOT pay the ransom. Of course, with a hospital that may not be so easy. The FBI, which until now, did not have a stance either way has come out and urged people NOT to pay the ransom. It doesn't seem good for business for the criminals to not send the encryption key. Just this story alone would convince many people not to pay. I could see falling for the attachment, but then enabling macros. That's crazy. Bert Pediatrics Brewer, Maine

Re: [News] Kansas hospital pays ransomware demand, doesn't get files back Sandeep #69114 05/26/2016 2:50 PM
Joined: Sep 2010 Posts: 363 Likes: 6 beagle Member
beagle Member Joined: Sep 2010 Posts: 363 Likes: 6	I'm trying to educate my staff on these threats. I have everyone including myself loggin in as a standard user (non-administrator). How much does that help to protect us? For attachment macro attacks should we be specifically disabling them somewhere in Office? And can any non-administrator "enable" macros? Of course I've instructed staff to not open attachments in general unless really sure of the source. We apply all our microsoft, adobe reader, java patches promptly. Backups including disconnected drive. Anything else for prevention recommended? Larry Solo IM Midwest

Link Copied to Clipboard

Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.

Home Forums Discussions General Discussion [News] Kansas hospital pays ransomware demand, doesn't get files back