Digital Ransom Situation in Australia


Image courtesy of Ransom Note Generator – http://ransom.sytes.org/

The Miami Family Medical Centre in Queensland, Australia was breached by unknown cyber criminals who encrypted its patient database and demanded a $4,000 AUD ransom this morning. Law enforcement says the attack originated in an Eastern European country, as the majority of sophisticated cyber crimes normally do. Given the distance between the victim and the attack's origin, the chances of pinpointing the attacker are incredibly low. This attack comes on the heels of a barrage of cyber attacks on small to medium-sized businesses along the Gold Coast over the past few months, approximately 10 attacks a week on average.

Co-owner David Wood was under the impression that they had a good system in place for situations like this:

“We’ve got all the antivirus stuff in place – there’s no sign of a virus. They literally got in, hijacked the server and then ran their encryption software… It’s people who know how to break in past firewalls and hack passwords to get onto the server.”


An overwhelming majority of security breaches are a result of cyber criminals using ‘phishing’ tactics to get users to inadvertently hand over password credentials, either by posing as an Admin and asking for them, or by sending an internal email with an attachment that, when opened, releases a keylogger to gather the credentials. Firewalls and antivirus software are essential elements, but just the tip of the iceberg when it comes to complete protection. The server with the encrypted information is being held offline and an IT contractor has been hired to restore a backup of patient records. It is highly likely that Miami Family Medical Centre will have to pay in order to get their information back, if they want it any time soon. Nigel Phair, Director of the Centre for Internet Safety, predicts that this particular ransom is far from over. “…That’s not the best option because as we know from extortion that once you pay they’ll follow that up. They might follow it up saying they want another payment or partially decrypt some of the information.”

In the interim, the practice will continue to operate, although productivity will be at an all-time low without proper medical records. Let this case serve as a catalyst for business owners who think that their security is currently foolproof. One move by criminals such as this can cripple your productivity and uptime, forcing you into a volatile negotiation to get back YOUR information. Another invaluable lesson to be learned from this: have more than one backup!
