Ransomware attacks on healthcare facilities have become the most existent cyber threat of late. We have previously discussed how the infiltration of cryptographic code in a healthcare network has very damaging consequences for the targeted establishment. Even timely ransomware removal measures can’t really help in lessening the brunt of the attack.
In a recent such activity, a multispecialty healthcare facility in South Bend, Indiana has become the victim of a ransomware attack. Allied Physicians of Michiana was targeted last week by the SamSam ransomware strain. It took four days to complete ransomware removal activities.
Allied Physicians Professionally Conducted Ransomware Removal Activities
It is important to note that the organization immediately shut down its servers after the attack to prevent the cryptovirological code from spreading. Besides that, ransomware removal and data recovery measures were joint efforts of its outside counsel, responder firm and freelance cybersecurity professionals. According to Allied Physicians official statement, the organization has succeeded in recovering their critical data in a protected format. The organization has also made it clear that the attack didn’t result in major disruptions of their services.
The ransomware infiltration basically affected the patient record of the healthcare facility. However, the company hasn’t informed about the extent of encryption and if they have recovered all the locked down files. Moreover, details regarding ransom demand and how the company negotiated with the attackers haven’t been disclosed as well.
Probe Continues
After dealing with the ransomware removal activities, Allied Physicians with the help of the FBI is trying to find how the attack was made possible in the first place. The FBI’s forensic findings suggest that critical data with more layers of security remained unharmed by the encryption activity. However, they have yet to find the weak link that was used by the attackers to infiltrate the system.
Consequences
Even though no significant medical services were disrupted by the attack, but the attack is still not good for the reputation of the company among clients. Nevertheless, it will be too early to say anything about how this ransomware activity will affect the business of Allied Physicians in coming days.
