US hospital pays ransom but doesn’t get files decrypted – criminals ask for second payment

vbimport

#1

We’ve just posted the following news: US hospital pays ransom but doesn’t get files decrypted – criminals ask for second payment[newsimage]http://www.myce.com/wp-content/images_posts/2016/05/TriMark-Signs-Channel-Letters-4-95x75.jpg[/newsimage]

An American hospital that became a ransomware victim didn’t get their encrypted files back after paying the ransom. The cybercriminals behind the ransomware demanded a second payment but the Kansas Heart Hospital didn’t respond to that request.

            Read the full article here: [http://www.myce.com/news/us-hospital-pays-ransom-doesnt-get-files-decrypted-criminals-ask-second-payment-79492/](http://www.myce.com/news/us-hospital-pays-ransom-doesnt-get-files-decrypted-criminals-ask-second-payment-79492/)

            Please note that the reactions from the complete site will be synched below.

#2

They refused to pay a second time?
But surely no self-respecting criminal would take their data hostage and then refuse to honour payment [U]twice[/U] in a row?!? :eek:


#3

Yep, paying the ransom and fuel the fire :confused: - Well, at least this hospital got to experience that this is no route to go down… Confirming ransomware to be a feasible business model I mean :Z

Backup backup backup, nothing else.


#4

They paid the first 22 times and the 23d , they said " Enough is enough":bigsmile:


#5

I wouldn’t have much faith in the integrity of the servers or data files even after paying the ransom to get the files decrypted, and that lack of faith would dictate that I do a complete recovery from backup anyway. So the hospital’s willingness to pay the ransom tells me its IT department wasn’t set up to do a complete recovery, and paying the ransom was it’s only option. If that’s the case, I hope that hospital has replaced the head of its IT department.


#6

I guess it pays to make your your files are backed up on something that can’t be encrypted after the fact, such as optical discs. Then, when a ransomeware infection rears its ugly head, just give the devs the finger, and restore from backup. Also, make sure you clean that ransomware up, and check all other computers on the network to ensure they aren’t infected as well.