A new ransomware attack called “Locky” has taken place, and this time it is being felt by more than one person. The recent attack takes place in a Methodist Hospital within Kentucky, USA. The hospital is located in Henderson, Kentucky. For many of those who are reading this, the location may not be one that stands out in their minds. And there is a good reason that we are emphasizing where this hospital was located, and that is because this showcases that no matter where you are, even if you believe that you are of no significance, you can be targeted by ransomware.
Locky Attack on the Kentucky Hospital
This latest attack has the hackers requesting that the hospital pay four bitcoins, which is about $1600 in order to have the computer system of the hospital restored. This seems like a low figure to most. However, these hackers are attacking numerous companies at once, allowing them to get smaller amounts from businesses and still turn over a high profit for their crimes.
The Locky ransomware works to infect the entire system, causing complete chaos. The only way that this is fixed is to decrypt the system with a key that the hackers then deliver to you. The ransomware first attaches it to the computer system via a Word file in most cases. According to Brian Krebs, a security analyst, in this case, the Word document made its way into the computer system via an email that was opened.
This is by no means the first time that this type of ransomware has struck. In fact, a month ago, a Los Angeles hospital found themselves in a similar situation. The hackers demanded that they pay 40 bitcoins for the key to return their systems back to normal. This is the equivalent of $17,000. This hospital did pay the hackers their fee, this after they had been locked out of their system for ten days. In a hospital setting, this time frame can mean the life and death of patients, so they did succumb to the demand of ransom.
Lessons Learned from this Attack
What most people are learning is that ransomware is a more serious threat than what they may have given these types of threats credit for before. Many hospitals like to think that they are invincible since they have some security in place. However, these cases prove that the security in place was not as good as they had thought. In addition, cyber security experts are warning about how these hackers are targeting those places of business that may have never considered themselves a target before.
So what can be done in order to keep your business from suffering from a ransomware attack? The main goal is for people to be informed of the several different ways in which ransomware can spread, such as through opening emails or attachments to these emails. The more knowledge a person has about what avenues ransomware can hide behind, the better they are able to determine how much of a risk they are facing.
In regards to this particular attack, it is making many hospitals realize that they are in a very vulnerable position. Hospitals are performing work that is saving the lives of many throughout the world. When hackers target these hospitals, they are going to be putting these hospitals in a vulnerable position to not give people the help that they need. This is going to cause massive issues throughout the United States for patients of these hospitals. It has many hospitals on high alert and doing whatever they can do in order to avoid being hit by ransomware.
Preventing Ransomware Attacks
We all understand that educating those within your network on the safety of what they open and the like is one of the leading ways to prevent ransomware. However, there are a few other things that you can do in order to ensure that ransomware is not attacking your system:
- Learn to back up your files so that if someone were able to hack into your accounts that you still have the pertinent data that you need to function.
- Utilize a security program in order to protect your network.
- Consider a virtual private network to add extra security to the network.
- Always ensure that your software is up to date. Many hackers are able to get into networks due to software being outdated.
- If you were to run a file that you thought was ransomware, immediately disconnect from your internet connection to avoid any information being transferred over the internet. Then call in a security expert to figure out your next steps.
- You can restore your system to a previous state if you are attacked, though be aware that this may mean you lose some information.