Six months after hackers infected Victorville’s Desert Valley Hospital with malware specifically coded and deployed for extortion purposes, a major medical billing firm suffered a similar attack and lost a substantial amount of patient data.
How Do Malicious Threats Attack Systems
Apparently, an unsuspecting MMPC employee either opened an email attachment or clicked on a link that activated malicious JavaScript code execution. The next phase of the attack was the deployment of ransomware, a cyber attack that moves to encrypt all files stored on a hard drive or in a network. Once the encryption phase is complete, the attackers are notified, and the data is held hostage until the victims make a ransom payment, typically via bitcoin for the purpose of applying a layer of plausible deniability.
MMPC confirmed the attack but was not willing to provide information about the ransom amount paid or the currency demanded by the hackers. Although the attack did not involve data theft, thousands of patients records were lost during the recovery phase after the ransom was paid and the decryption key was granted. The MMPC network was in the midst of a major upgrade during the attack, and one of the backup systems failed, thereby destroying records instead of restoring them.
Protecting Yourself Against Vulnerabilities
When Desert Valley Hospital was hit by a ransomware attack earlier this year, IT professionals in Victorville were able to fend off the attack and conduct mitigation without having to pay ransom or otherwise compromise patient data. At the time the Desert Valley Hospital hack took place, the FBI had recommended that ransomware victims should heed to the extortion if they could not afford to lose the data; since then, law enforcement officials have changed their stance.
