Hancock Health hospital pays $55,000 ransom to SamSam ransomware hackers:
Hancock Health, a local hospital in Indiana, paid a $55,000 ransom following a ransomware attack that contaminated the hospital’s system and frustrated its operations. The contamination occurred on Thursday, January 11, where attackers conveyed SamSam Ransomware that encrypted documents/files and renamed them with the expression "I'm Sorry." The ransomware immediately influenced operations, forcing the hospital’s IT staff to bring down the system and use pen and paper.
The hospital had backed up their data yet chose to pay the ransom of four bitcoin, or $55,000. Hancock Health CEO Steve Long said that the files could have been recovered yet reestablishing them would take days or weeks and could include some significant pitfalls. Since a long time ago included that paying the little ransom appeared well and good from a business point of view.
After taking the ransom, the attackers discharged the files early Saturday and the hospital’s facility's PC system were up and running by Monday. The hospital additionally discharged an announcement that nitty gritty the episode. The assault was not the aftereffect of a worker opening a contaminated email, however programmers accessing the hospital system through a remote access gateway and signing in with a merchant's username and password.
SamSam is a Ransomware family known for aiming the healthcare industry before. Dissimilar to conventional ransomware, SamSam does not depend on malvertising or social designing methods like noxious email attachments. This ransomware variation gives off an impression of being dispersed through unpatched servers and uses them to trade off extra machines that programmers/hackers use to recognize key information system to encrypt.
"Through the effective teamwork of the Hancock technology team, an expert technology consulting group, and our clinical team, Hancock was able to recover the use of its computers, and at this time, there is no evidence that any patient information was adversely affected," Hancock Hospital said in a press release.
Patient information does not appear to have been compromised and both the FBI and an unnamed third-party cybersecurity firm are investigating the incident.
Also Read: What is Spam message? Remove Spam Emails, Social Networking Spam?
Protection from such Ransomware in future:
SamSam Ransomware and such ransomware are malicious and lethal malware and removing it completely is important for safe and enhanced system performance.
Ransomware is more than a mere nuisance, protection from it is highly essential and requires the user to be vigilant and practice utmost caution before clicking on misleading links and email attachments. Another defense method is to maintain a consistent backup of all the important data and files on external storage devices.
Unfortunately, new types of Ransomware are highly advanced and it is almost impossible to recover the lost data and important information once your system is attacked by Ransomware. Paying ransom may look like options but there is no point in paying the ransom because chances are, it won’t help you to recover your files. In order to protect your PC from Ransomware attack, we advise you to use an efficient antivirus module. Keep files and confidential data safe from Ransomware attack, optimize system performance and enjoy secure system working by downloading the best antivirus tool, Malware Removal Tool .
What should be your next move?
By any chance, if you believe that your computer could be infected with this infection, do not hesitate to eliminate ransomware. This is the most straightforward approach to end its movement on your operating system. If you let this malware remain on your PC, this ransomware can cause significantly more harm by encoding another bit of your documents. Since quite possibly this infection is back online, we highly recommend you to run a full system scan with malware removal tool.
To pay or not to pay:
The definite answer is NO. Despite the fact that we highly suggest not paying the ransom, we understand that a few organizations would not have the capacity to get away without the information that has been put away on the encrypted PCs, so unfortunately in such cases, paying the ransom will be the only option to advance the business. Also, we can just advice you to not pay the amount. Remember that you can never be sure whether the criminals would give you a working decryption key.
Things you must know about a ransomware attack
There have been incidents showing the users were hit by the same ransomware for the second time, even though they have already paid the ransom. From here, all that we can say is if you don’t act quickly and the right way, you might not get a second chance.
Ways through which Ransomware infects your system:
- Spam emails: This Ransomware gets into your computer through malicious email attachments in the spam emails tab. This ransomware send a word document which contains spam mails. It also send a malicious infected attachments and download links in an unknown emails. It also contain disguised links that appear to be for familiar websites but in fact lead to phishing web sites or sites that are hosting such malwares.
- Attachments send via emails or Facebook, Skype messages. This trap is genuinely old, however it is always getting enhanced. The most recent hit is to influence it to look an associate sent you that email and it will also incorporate what seem, by all accounts, to be business related documents inside. Make sure to search for the file attachment before you take a gander at the document name. If it closes with .exe or it is .exe file then it’s most likely an infection!
- Bundling: It comes bundled with free application hosted from unreliable site. When user install those free application then this infection also gets installed automatically.
- Fake download websites are another wellspring of this programs. These websites have worked in calculations, which enable them to duplicate your search queries and influence the search engines to trust they have an ideal match for your search. When you endeavor to download a file from such a webpage the name will fit, but the file that you have downloaded are really going to be loaded with infections, viruses, malwares and other threats. So it is never a smart thought to open documents got from arbitrary sources without scanning them for infections first. Always keep an anti-virus program on your machine.
- It also gets inside your system along with the installation of any new software applications which the user does without completely reading license agreements or reading without terms and condition. Most of these cases are sharing files like music, photos and many more in networking environment, visiting various adult websites are also liable behind the insertion of this threat inside the Pc.
- Social Clickjacking: Creators of such infections use online media such as Social Network and tempting advertisements to have users install these extensions. Update your flash player or win an IPhone are examples of such tempting offers.
- It can also get attached with on your PC, if you frequently visit unsafe site like Porn sites or betting sites which contain illegal stuff. In addition, user should also avoid clicking on misleading ads and random links which redirects the victim to social media site.
- Torrents & P2P File Sharing: Torrents and files shared on P2P networks have a high probability of being a carrier to such infections.
Also Read: How To Remove .Block ransomware From Your Computer Easily?
Tips to Prevent samsam from Infecting Your System:
1. Enable your popup blocker: Pop-ups and ads in the websites are the most adoptable tactic used by cybercriminals or developers with the core intention to spread malicious programs. So, avoid clicking uncertain sites, software offers, pop-ups etc.
2. Keep your Windows Updated: To avoid such infections, we recommend that you should always keep your system updated through automatic windows update. By doing this you can keep your device free from virus. According to the survey, outdated/older versions of Windows operating system are an easy target.
3. Third-party installation: Try to avoid freeware download websites as they usually install bundled of software with any installer or stub file.
4. Regular Backup: Regular and periodical backup helps you to keep your data safe in case the system is infected by any kind of virus or any other infection. Thus always backup important files regularly on a cloud drive or an external hard drive.
5. Always have an Anti-Virus: Precaution is better than cure. We recommend that you install an antivirus like McAfee or a good Malware Removal Tool like Download Free Virus Removal Tool
6. Install a powerful ad- blocker for Chrome, Mozilla,and IE.