6330 E. 75th Street, Suite 336Indianapolis, Indiana 46250
(800) 746-4356(317) 251-7920

Ransomware hits local Indiana Hospital

Hancock Regional Hospital coughs up huge ransom to hackers

  • 17 January 2018
  • Author: TMcShane
  • Number of views: 2347

Hancock Regional Hospital coughs up huge ransom to hackers

Yesterday, it was reported that a ransomware infection infiltrated the systems of Hancock Regional Hospital in Greenfield, IN. The strain, known as SamSam, entered the hospital’s network via an infected vendor and then encrypted the files on it, making them completely inaccessible for hospital staff. In response, and for multiple different reasons and factors, leadership at the hospital made the ultimate decision to pay the ransom, and luckily their files were returned…

This attack couldn’t have come at a worse time for the hospital. While winter storms and freezing temperatures sweep across the Midwest, Hancock Regional and other hospitals are battling a particularly bad flu season. The climate and weather can have a lot to do with the success of malware attacks. When situations are critical, a ransomware infection or computer virus can be devastating. With so many patients relying on care, and conditions outside so severe, management wanted to avoid diverting patients to other hospitals at all costs. To them, it appeared that their “hands were tied” and that paying the ransom was the only way forward… “We were in a very precarious situation at the time of the attack. With the ice and snow storm at hand, coupled with the one of the worst flu seasons in memory, we wanted to recover our systems in the quickest way possible and avoid extending the burden toward other hospitals of diverting patients,” said Steve Long, Hancock Health CEO.

  Obviously, the hospital didn’t have the proper measures in place to protect from hackers. This includes a very robust, next generation AntiVirus software, routinely performed back-ups and a clear disaster recovery plan. Had they made these investments to strengthen their security posture, they’d be much better off, considering the ransom was 4 bitcoin, which totals over $40,000! This cost doesn’t even include the thousands of dollars lost in downtime, while they were locked out of their systems. While management may have had some type of back-ups and disaster recovery strategy, they clearly weren’t sufficient. In the end, management decided to ditch their back-ups and pay the money to restore their files. “Restoring from backup was considered, though we made the deliberate decision to pay the ransom to expedite our return to full operations,” said Steve Long.

Tom X. McShane


Categories: Important News
Rate this article:
No rating

Please login or register to post comments.

Our Happy Customers

"As a small business, we do not have our own internal IT department. SIM2K® Block Hours offer us a way to get more of the support we need at a lower cost."
-A central Indiana wealth management company

"We've found SIM2K to be an instrumental force in shaping our IT future. Thanks to their SIM2K Block Hours, we've found an effective way to pay for our IT needs as they arise."
-A central Indiana auto auction

"SIM2K has been there for us over the years. They've helped us setup remote access systems, advised us in our continued growth and even helped us restore our patient management software."
-Top rated Indiana surgeon's office

"We were hit by a nasty Internet worm right in the middle of tax season that disabled our server. SIM2K was able to come in and in hours we were back up and running. Their responsive and competent help saved us a lot of time, pain and money."
- A central Indiana accounting firm

"BDA has been utilizing SIM2K consulting services for several years now. We are very pleased with SIM2K's focus on customer service and recently decided to become a SIM2K® Pinnacle customer. We IMMEDIATELY realized the cost benefit to our company! SIM2K Pinnacle has proven to be a great asset to our company..."
- Bill Dunbar and Associates, LLC