Namaste Health Care, a medical clinic based in Ashland, Missouri, announced in October that 1,617 patients’ data had been compromised after ransomware struck its systems.
The attack occurred during the weekend of August 12–13, and Namaste discovered the damage on August 14. The organization believes that anyone who either had or made an appointment up to that date could have been affected.
The compromised data includes names, addresses, dates of birth, Social Security numbers, health insurance information, medical records, and information related to affected patients’ appointments.
Almost perfect response
According to Namaste’s breach notification, the clinic did almost everything right when responding to the breach:
“Namaste learned of this activity on August 14, 2017, and immediately responded. First, we disabled the unauthorized user’s access and took the computer systems off-line, and with the assistance of our IT contractor, we worked to investigate, eliminate, and remediate the malware attack on the systems. We terminated any further remote access permissions pertaining to the system.”
So far, so good. However, the statement continues:
“[W]e then subsequently paid the cyber attacker’s ransom demand in order to obtain the decryption key and restore the encrypted data.”
Paying ransoms to cyber criminals is incredibly risky. There is no guarantee that the criminals will provide the decryption key, and even if they do, you’ll expose yourself as a target for future attacks.
In this instance, Namaste got lucky and its systems were successfully restored. But paying the ransom doesn’t absolve the clinic: it is still liable for the data breach and will have to invest in improving its cyber defenses.
Unfortunately, Namaste is by no means in the minority when it comes to this situation. Organizations can be crippled by data losses, which is why two-thirds of them give in to cyber criminals’ ransom demands.
This is undoubtedly why ransomware is quickly becoming the biggest threat organizations face. Successful ransomware attacks fund cyber criminals’ future activities – whether that’s more ransomware attacks or something more ambitious.
Until organizations find a way to deal with ransomware that doesn’t involve paying up and hoping for the best, the threat will only continue to grow.
Preventing ransomware attacks
Although criminals were able to attack Namaste thanks to network vulnerabilities, most ransomware attacks are the result of socially engineered threats such as phishing. Organizations that train their staff to identify and properly respond to malicious emails are much less likely to fall victim.
Our Phishing and Ransomware – Human patch e-learning course provides employees with an overview of the threats they face and how to avoid them. By completing this course, your staff will be able to:
- Explain what phishing is
- Outline the consequences of a phishing attack
- Describe ransomware and crypto-ransomware
- Identify how to avoid falling victim to phishing attacks and ransomware
- List the steps to take if they think they’ve been compromised