How One Health Care Organization Dodged the Ransomware Bullet
One morning in June of last year Jason Rolla, chief technology officer of Christopher Rural Health, a small network of health centers and clinics in Illinois, received a peculiar phone call.
Someone in the company’s human resources department told him that people in the office were no longer able to open documents stored on its computers. So Rolla headed down to the site to take a look.
That’s when his worst fears were confirmed: ransomware. “I hadn’t seen ransomware until then,” Rolla tells Fortune, referring to a type of malicious software that locks down computer files with encryption, allowing cybercriminals to demand a ransom to unlock the data.
Get Data Sheet, Fortune’s technology newsletter.
As soon as Rolla double clicked on a file, it redirected him to a payment webpage and a ransom note. The hackers demanded hundreds of dollars worth of the virtual currency Bitcoin.
“My heart started pumping.” he says. “I was worried to death.”
Of all the sectors now under attack by ransomware, health care has been making more headlines than the rest. Earlier this year, a hospital in Hollywood paid a ransom of $17,000 to rid its systems of a ransomware infection. Soon after, hackers struck MedStar Health, a network of 10 hospitals in Washington D.C. and Maryland. A number of hospitals in California operated by Prime Healthcare have all suffered recent attacks. There are countless other victims as well.
The ransomware scourge is a serious problem—and it’s only getting worse. The Federal Bureau of Investigation warned last week that attacks are on the rise. In March the Department of Homeland Security issued a similar alert. When Chris Young, Intel (INTC) Security’s chief, dropped by Fortune’s offices a couple of months ago, he said the company’s customers are all asking about how to protect themselves from the threat.
Everyone is worried about becoming the next target. Schools, government offices, businesses, regular people—even law enforcement agencies have been hit. Crooks are making a killing on the extortion scheme.
For more on ransomware, watch:
Rolla, like many fellow casualties in the health care industry and beyond, was forced to evaluate his options when he encountered the ransomware that day. He considered paying the ransom, he admits.
“To be honest with you, I did [consider paying the ransom]. On the first day, absolutely,” he tells Fortune. “I really could not afford to be without those files.”
Luckily, it didn’t come to that. A day later Rolla remembered that he was a customer of a data backup firm. He restored the office’s systems from those backups. (Christopher Rural Health company happened to use Exablox, but there are a number of other companies that provide similar services, like code42, Zerto, and a host of others.)
Read more: “Ransomware: The Police Probably Can’t Help You“
Having a data backup plan is just one approach to combating ransomware. There are many other ways to defend against these kinds of attacks. For more technical tips, read this excellent blog post intended for systems administrators. For everyone else, as always, its best to be wary of downloading questionable attachments or clicking suspicious links online.
It’s important that people step forward and share their experiences—even if they are, regrettably, forced to pay off these ransoms in the end. If your computer has ever been hit with ransomware, Fortune would love to hear your story. Please consider shooting the author a note (@rhhackett).
The more people keep quiet, the worse the problem is bound to become.