Attackers broke into Ottawa Hospital’s network with ransomware that initially encrypted four computers.
Hospital officials publicly stated that its IT staff has since wiped the machines clean, restored necessary data through backup copies, and added that none of the other 9,800 computers were affected and no patient data was compromised.
The ransomware attack against Ottawa Hospital is the latest in a string of cybercriminal attempts to gain access to hospital computers then lock down that data and demand payment, typically in Bitcoin, to decrypt it.
Trustwave’s Spam Research Database, in fact, found some 4 million malware-bearing emails sent during a seven-day period earlier this month, with malware comprising nearly 20 percent of all spam sent.
“The campaigns are not continuous, but concentrated bursts, with peaks of 200,000 emails hitting our servers in a single hour,” Trustwave wrote. “Ransomware … has a very destructive payload.”
In February, Hollywood Presbyterian Medical Centre in Los Angeles suffered a ransomware attack that shut down or significantly damaged enough computers that hospital was forced to revert to paper for mucho of its operations and ultimately paid $17,000 ransom in Bitcoin to regain control of its systems.
And earlier this month, cyberattackers targeted Apple users with the first known ransomware written specifically for Apple software, according to security firm Palo Alto Networks.
Ransomware attacks are growing in frequency because they require relatively less skill than more sophisticated attacks, according to Secure Ideas CEO Kevin Johnson.
“It’s a simplistic attack, easy with someone for low knowledge,” Johnson explained. “I’m not calling them morons. It’s just that pulling it off does not require a hard-core skill. And because ransomware is a high-impact attack it’s becoming really popular.”
That said, when providers have solid data back-up and recovery in place, as Ottawa Hospital did, they can get that information back and not have to pay the ransom.