The ransomware attack on Allscripts is unique in its nature because it affected three different entities i.e. the company itself, its customers (physicians and healthcare facilities) and then their customers (patients). This multilayer effect of SamSam ransomware attacks demands an in-depth discussion and analysis of the incident. In the previous blog, we discussed how Allscripts managed to deal with the attack. Here, we will try to shed some light on the incident from consumers’ perspective.
Ineffective Communication
Allscripts dealt with the attack very diligently and completed their ransomware removal activities in the shortest possible time duration. But the customer feedback suggests that they were not able to maintain effective communication with their clientele on the issue. For instance, the company claims that they had completed all the ransomware removal and repair activities within five days after the attack. Many of their consumers are refuting this assertion because they faced unavailability of many of the tools and services even after the reported ‘restoration’.
It is true that Allscripts managed to recover their systems from cryptovirological infection in five days. However, user experience of their platform was not the same as before. Hence, they continued to receive complaints even after complete restoration of the system. Security experts think that Allscripts failed to communicate to their consumers all the adjustments in the system that took place after its restoration.
A Damaging Impact of the Attack
Even though Allscripts tried to control the fallout of attack by disconnecting their affected servers from the rest of the system, but the ransomware still did its thing. The healthcare company maintains that nearly 1,500 medical practices were affected by the attack. Allscripts provides electronic health record and practice management services to clientele and this number could mean hundreds of physicians and thousands of patients might have affected by the attack.
For any healthcare services provider, these numbers are not ignorable. For all those thousands of affected clients, Allscripts’s quick ransomware removal activities meant nothing. There is a lesson for every organization that deals in public domain, just like Allscripts, that no matter how quickly you move to mitigate a cyber disaster, it will still hurt many on the ground.
