Russian hackers have apparently managed to break into a server where an Australian medical centre keeps its patients’ records, encrypt the data, and are now asking for 4,000 Australian dollars in order to decrypt it and make it available for use again, ABC News reports.
The owners of the Miami Family Medical Centre in Queensland believed that they had covered all their bases and that they had a good system in place but, apparently, they were wrong.
“We’ve got all the antivirus stuff in place – there’s no sign of a virus. They literally got in, hijacked the server and then ran their encryption software,” commented David Wood, one of the co-owners of the medical institution.
Still, he maintains, the data hasn’t been stolen – just encrypted, a fact that currently makes the operation of the centre very difficult.
The centre has called in an IT contractor to assess the situation and restore a backup of patient records. In the meantime, the server with the encrypted data has been taken offline.
It is still unclear whether the backup data has been also encrypted, but a comment from Wood might be an indication that it has, as he warned other businesses to check their IT security and not to leave backups connected to servers.
If that’s the case, it is possible the centre will have to pay the ransom in order to get their hands on the data sooner rather than later. Still, even that is not a guarantee.
“They might follow it up saying they want another payment or partially decrypt some of the information,” pointed out IT security expert Nigel Phair, who says that the identities of these type of hackers – predominantly located in Eastern Europe – are difficult and to uncover, and their modus operandi usually consists of asking low ransom prices in order to increase their chances of collecting the money.