Russian ransomware strikes Queensland doctor
Seven years of patients' files encrypted by crooks
A medical practice in the Australian state of Queensland, the Miami Family Medical Centre, has been hit by ransomware said to originate in Russia.
ABC News reports staff arrived at the practice last week, turned on computers and found messages proclaiming that patients' records had been encrypted. Seven years' worth of patients records are now inaccessible.
The report goes on to say that the practice has decided it does not negotiate with cyber-terrorists and won't be handing over the $AUD4,000 that has been demanded to decrypt the files. The practice will therefore rebuild a database, and appears to have written off its current collection of records.
Queensland Police say this is not the first such case in the state – 11 similar incidents have been reported in the last year.
The reason for the attack seems to be poor security: the practice says it ran anti-virus software, but the attackers seem to have divined passwords for both PCs and servers, brushing aside AV on their way into the centre's systems. ®