Are you a new user?
Register Here

Retrieve Password
print   email   Share

To Pay Or Not To Pay The Ransomware Criminal: That Is The Question

Two locations of an Ohio-based hospital recently experienced ransomware attacks that forced them to turn away numerous patients.

Because of the attack, the hospital's IT department took several computers offline. As a result, employees had to use paper charts; ambulance patients had to be transported to nearby hospitals; and the emergency room could only accept walk-in patients.

Fortunately, the hospital was able to respond quickly, limiting the amount of damage the ransomware could cause and preventing a data breach. The hospital stated that no patient information was compromised. The hospital did not pay a ransom to the cybercriminals behind the attack. Jake Doevan "Ransomware attacks Ohio hospitals leading to disabled networks" 2-spyware.com (Dec. 02, 2018). 


In 2018, a hospital in Indiana paid $45,000 to cybercriminals who infected its network with the ransomware virus SamSam. In that case, cybercriminals gave the hospital the private keys needed to recover its files.

However, there is no guarantee that cybercriminals will follow through on their promise to restore data, even if the ransom is paid. The Kansas Heart Hospital paid a ransom in 2016 only to have the hackers behind the attack refuse to decrypt the locked files and demand an even larger ransom.

Organizations can protect their data by using a strong firewall; encrypting the network; and securing all devices and accounts with unique, strong passwords. Keep software up-to-date and install anti-virus protection on all computers and devices. Train all employees to watch out for phishing emails and phone calls and to never share personal information in response to a query.

In addition, routinely back up all data to a hard drive that is disconnected from the network. This practice allows your organization to access essential data should it be hit with a ransomware attack. Using backup drives is the fastest way to restore your data following an attack. A quick recovery is essential to resume operations and reduce the amount of lost time and money.

Remember, backup drives must not be accessible through your network, or else cybercriminals could lock your backup drive as well if they access your network.

If your data is ever locked in a ransomware attack, do not pay the ransom. Paying ransoms only encourages this type of cyberattack. Instead of paying a ransom, work with IT to restore your data and discover how the infection occurred in order to make your network less vulnerable to future attacks.

Finally, your opinion is important to us. Please complete the opinion survey:

Today's Workplace

CEO And CFO Fraud Creates Exposures For Boards

The SEC finds two Silicon Valley company officers committed a $700 million fraud. What oversight was missing that led to this enormous fraud? We examine.

read more

Are Your IoT Devices Vulnerable To Attack?

Too often organizations and individuals forget to secure IoT devices, which hackers can breach to access network-connected computers. We examine.

read more

An Enterprise-Wide Cybersecurity Plan: A Crucial Step For Protecting Data

Not having a cybersecurity plan with human oversight left the U.S. Department of the Interior vulnerable to data breaches. We examine what this means for your organization.

read more