AllScripts — an electronic healthcare record (EHR) — was recently hit by a ransomware named SamSam. The website of the company was hit on January 18 after two data centers were hit in the Charlotte and Raleigh region in North Carolina.
Cybercriminals were successful in taking down some services of the healthcare provider including e-prescribing of controlled substances. Healthcare providers that used the services of the company were not able to access their electronic medical records after the attack.
Quick Action Prevented Substantial Damage
After learning about the ransomware attack, most disconnected from the AllScriptsdata centers as a precautionary measure. Companies that had used the services of AllScripts include such well-known firms as Sunflower Medical Group and Northwell Health.
A spokesperson for NorthwellHealthhad stated that the company quickly removed connection with AllScripts after learning about the attack. As a result, no data was removed from the system. The only service that was not available after the attack was the electronic medical record. The rest of the services were unaffected. If the company had not taken quick action, the operations of the company with a network of 23 hospitals could have come to a halt.
At the moment, AllScripts has not acknowledged the attack on any of its social media pages including Facebook and Twitter. There is no knowing the damage done to the company after the ransomware attack. The company supports more than 40,000 in-home clinics and 180,000 physicians.
The ransomware that had attacked AIIscripts services was a new strain of the SamSam malware. None of the nearly 1,500 customers that were affected by the ransomware attack were hospitals of physicians. In addition, the services to most of the existing clients have been restored.
Ransomware attacks have become common in the past few years. They have grown steadily over the years — both in intensity and frequency. The SamSam ransomware alone has taken down entire municipalities in New Mexico, Farmington, Decatur, and others. Recently, the Hancock Health and Adams Memorial was hacked by a ransomware for which the company paid $55,000.
As these attacks have become common, companies need to take action to understand the modus operandi of the ransomware. They also need assess the risks and implement measures that can prevent them from being victims of ransomware.
What Can Companies Do to Avoid being Victims of Ransomware?
Companies can take various actions to prevent damage due to ransomware. The recommended method is to use ransomware removal tool to delete ransomware virus from their PCs. Once the ransomware is deleted, a data recovery tool can be used to recover the files.
Furthermore, installing security patches is important to prevent attacks. Microsoft releases security patches after vulnerabilities have been detected. Installing the patches is important to avoid being a victim of cybercrime.
The FBI recommends that you not pay cybercriminals. There is no telling whether cybercriminals will decrypt the files even if the ransomed amount is paid. Paying the criminals will embolden them to continue to commit the act when they find that their actions, however malicious, are rewarded.