Heartless hackers recently held 10 U.S. hospitals and the lives of sick peopleÂ at ransom.
For $18,500 US, they endangered Washington and Baltimore patients by infecting key medical systems.
The hackers did thisÂ by targeting and infecting the hospital’s not-for-profit parent organization, MedStar, with a nasty new ransomware.
The ransomwareâ€”Samsamâ€”requires no human interaction to activate. Unlike most ransomware, which targets humans, it targets servers instead.
According to MedStar spokesperson Ann Nickels, lives could have been lost if not for the quick thinking and preparedness of their IT staff.
When Samsam hit, MedStar’s IT department detected the intrusion. Immediately, they shut downÂ most of their network operations.
It was only because they had backups on hand that they were able to restore three main clinical systemsÂ and protect the lives of their admitted patients.
Not only did the act protect the sick, itÂ foiled the plans of the SAMSAM attackers, who were upstaged by the IT staff.
It’s not the first hospital to be attacked this year. Hackers have learned with a few lines of code they can freeze medical systems and delay patient treatment, holdingÂ lives at gunpoint.
With so much at stake, most hospitals hastily pay the ransomers. And afterwards, the hackers seem to be encouraged.
Earlier this year, a Los Angeles hospital paid US $17,000 to ransomware attackers. Directly after,Â dozens of hospitals in California, Nevada and Kentucky were fresh victims of the ransomware attacks.
Just a week before the MedStarÂ incident, the FBI sent out a flash warning about Samsam, but it did little to mute it. The only thing that did was a proper backup strategy.
It’s another example of why backups for organizationsâ€”both profit and not-for-profitâ€”are not an option, but a necessity. Even the sick aren’t safe from ransomware.
These attacks come in the wake of criminal codersÂ starting to offerÂ ransomware-as-a-service,Â sellingÂ their softwareÂ to would-be blackmailers.
The age of ransomware thatÂ started in 2013 with CryptoLocker seems to be getting worse before it gets better.
For any business or organization, big or small, we suggest using a reliableÂ backup and recovery program like BackupAssist and implementing a properÂ backup strategy.