Ransomware hackers get their money, then ask for more
But the hospital they targeted had a backup plan.
Kansas Heart Hospital in Wichita is the latest to be targeted by ransomware hackers, local news channel KWCH 12 reports. Unlike other recent attacks, however, the Wichita attackers never made good on their end of the deal. Instead of restoring access to hospital systems after receiving their ransom, they simply demanded more money.
According to Hospital President Dr. Greg Durick, Kansas Heart initially paid "a small amount" in ransom, but the hackers refused to decrypt the hospital's hijacked files. The hospital shut down negotiations after the second ransom demand, saying it no longer felt "this was a wise maneuver or strategy." As Durick told KWCH, Kansas Heart had a backup plan that immediately went into action and, "I think it helped in minimizing the amount of damage the encrypted agent could do." The hospital says patient information was never in jeopardy and operations were never impacted.
While the Wichita hackers may have been playing dirty, the makers of the "uncrackable" TeslaCrypt ransomware virus recently handed over the keys to allow anyone affected to retrieve their files. A ransomware attack on Congress was reportedly thwarted earlier this month as well, but a hospital in Los Angeles had to fork over 40 bitcoin (about $17,000) after falling victim to a similar attack in February.