Indiana cancer agency suffers from the ransomware attack
Cyber criminals see no limits in choosing a new victim. A week ago, Cancer Services of East Central Indiana-Little Red Door located in Muncie, Indiana became yet another target[1]. Though the institution did not experience major financial losses, since it refused to pay astonishing 55 Bitcoins ($44,600), but the personal patients’ data were threatened. There are no exact reports whether the crook leaked any personal details online. Naturally, the virtual community might dive into a discussion: who is behind this attack? Could it be Locky virus?
The increasing number of medical institutions shifting to electronic systems have also opened a new realm of possibilities for felons[2]. Not only the US remains the main target for racketeers, but other countries also report cases about the hacked servers of medical institutions[3]. In search of the main culprit, there are too many misleading tracks. Every style of the cyber attack differs which suggests that different gangs or individuals launch such cyber campaign. While some keep on devising spam emails with corrupted attachments, others break into the servers or simply use DDoS attacks[4].
The case of attacked Little Red Door non-profit organization sparks debates about the motive of this attack. On 11 January around 10 p.m, the agency detected the locked network by an unidentified ransomware. Interestingly, that the fraudster personally contacted the head of the institution via email ant text messages. Such behavior is quite uncommon since usually cyber criminals communicate via an anonymous network or single-use email addresses. What is more, the felon demanded the institution to pay 50 bitcoins. Otherwise, he would contact the family members of cancer patients. IT researchers did not take long to trace the possible identity of the villain as he revealed. The Dark Overlord claims to be the author of this attack. As his notorious hacking experience shows that previously the attacker mainly hacked into computers and sold personal data on a darknet. The choice to attack this quite small non-profit organization, instead of a legal institution with bigger annual income, suggests of possible alternative motives behind the ransomware assault.
Fortunately, Little Red Door has restored their network without giving in to the hacker’s demands. Additionally, they contacted the FBI to open the investigation on this matter. The wavering position of FBI’s about paying the ransom or not has sparked the imagination of conspiracy theorists[5]. Meanwhile, companies and users should develop several backup plans and data recovery methods in case of an attack.
- ^ Pierluigi Paganini. US cancer agency targeted by a singular ransomware attack. Security Affairs. Security' is everyone's responsibility .
- ^ Arthur Allen . Cyber ransom attacks panic hospitals, alarm Congress. Politico. Politics, Policy, Political News.
- ^ Kevin Rawlinson. London NHS hospital trust hit by cyber-attack. The Guardian. News, sport, and opinion from the Guardians' global edition.
- ^ Michael Kan. Can a DDoS attack on Whitehouse.gov be a valid protest?. PCWorld. News, tips, and reviews from the experts on PCs, Windows, and more.
- ^ John Zorabedian. Did the FBI really say “pay up” for ransomware? Here’s what to do…. Naked Security. Computer Security News,Advice and Research.