https://www.bleepingcomputer.com/news/security/hospital-pays-55k-ransomware-demand-despite-having-backups/
Pretty simple story here- the hospital determined that they’d rather not have the downtime while they restored their backups, so they just paid the ransom. While the decision makes sense, it’s definitely interesting to consider where the line is for many businesses. For a hospital where lives are on the line, speed will probably beat cost as long as it’s reasonable.
It’s also interesting to think about how much your personal and work backups would be worth… It’s easy to put a number on a work backup where you know the amount of time/cost which went into the files, but how much would your personal data be worth to you?
I always find cyber-attacks on the healthcare industry quite interesting because of the type of business it is and the data they have stored. Since the attack was not due to an employee opening a scam email, I am very curious how the ransomware spread throughout the hospital. Also, I did find it a bit comical that they were hanging up posters to notify employees to shutdown their laptops/computers. The hospital decided to pay the ransom since it was much quicker than restoring back-ups. I am wondering why it would take so long if they did choose the restore method or what was their recovery plan if something like this is to happen? Or did they have one at all? I am also wondering what their security is like or how they educate their employees regarding cyber security and attacks. Additionally, hospitals hold patients’ personal information which they need access to. Maybe from their perspective paying the ransom made the most sense, but I am hoping their security changes after experiencing this incident.