Report: Healthcare Services Pay Nearly $100,000 to Ransomware Attacker | Hacked: Hacking Finance
Hacked: Hacking Finance


Report: Healthcare Services Pay Nearly $100,000 to Ransomware Attacker

Posted on .

Report: Healthcare Services Pay Nearly $100,000 to Ransomware Attacker


This article was posted on Wednesday, 19:43, UTC.

A new report has found that hospitals are increasingly targeted by ransomware attackers because of the low-security measures put into place.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

The McAfee Labs Threats Report: September 2016 has found that hospitals paid around $100,000 to a bitcoin address in the first quarter of the year.

In February 2016, one hospital in California was reported to have been targeted by hackers demanding a ransom of 9,000 bitcoins, amounting to around US$5.77 million.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

The hospital reportedly paid $17,000 to have its files and systems restored; however, it suffered a downtime of five days.

Different Method of Attacks

In most ransomware attacks, ransomware is delivered through phishing when emails are sent with subjects such as ‘failed delivery’ or ‘my resume’. They have attachments, which then download the ransomware.

Another method that hackers tend to use is through exploit kits; however, according to the McAfee report, none of these methods were employed during the first quarter of 2016.

// -- Get exclusive consultation for as low as $249 per month on -- //

The report found that through the open-source tool JexBoss, hackers targeting hospitals were able to scan for vulnerable JBoss web servers before sending an exploit to initiate a shell on those hosts. Once the servers were then infected, available tools used by the hackers were then utilized to map the trusted network.

Hospitals Off Limits

When it comes to hospitals these are typically seen to be off limits for ransomware attacks. That’s according to McAfee.

The report said:

In the Russian underground, there is an ethical ‘code of conduct’ that places hospitals off limits, even if they are in countries normally targeted in their cybercrime campaigns and operations.

Hospital stock

It was concluded that these types of hospital attacks that took place at the beginning of the year were undertaken by malicious hackers and even though the attacks were effective they were not very sophisticated.

In the first half of 2016, most ransomware attacks took place on American and Canadian hospitals with a few targeting U.K. and Australian hospitals. As a result, the U.S. and Canadian cybersecurity agencies issued an alert earlier this year regarding ransomware attacks, as reported by CCN.

Ransomware Profit

The report found that a ransomware author and distributor had received BTC 189,813, translating to around $121 million. The author, the report stated, claimed that they have earned $94 million in the first six months of 2016.

As it can be seen, money can be made quickly through ransomware attacks. While the report discovered that the majority of victims did not pay the ransom demand, hospitals that were targeted by the ransomware family samsam did appear to pay.

The amounts involved varied, but the biggest direct costs were from downtime or lost revenue, incident response, system recovery, audit services, and other cleanup costs. Those targeted had a downtime for at least five to 10 days.

It seems, though, that unless health care services improve on their cybersecurity, malicious hackers will continue to target them, gaining access to personal and oftentimes irreplaceable data. For now, the advice from the FBI is to avoid paying the ransom demand to hackers.

Featured image from iStock/zimmytws and Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.

Feedback or Requests?

Rebecca Campbell

Rebecca Campbell

There are no comments.

View Comments (0) ...
The team:
Dmitriy Lavrov
Dmitriy Lavrov is a professional trader, technical analyst and money manager with 10 years of trading experience. He covers Forex, Commodities and Cryptocurrencies. He is among the top 10 most Read More
Jonas Borchgrevink
Jonas Borchgrevink is the founder of and He is a serial entrepreneur, trader and investor. He shares his own personal journey on // -- Discuss and ask Read More
P.H. Madore
ICO Analyst
P. H. Madore lives in Arkansas with his wife and children. He has covered the cryptocurrency beat over the course of hundreds of articles for Hacked’s sister site, CryptoCoinsNews, as Read More
Mate Csar
Trader and financial analyst, with 10 years of experience in the field. An expert in technical analysis and risk management, but also an avid practitioner of value investment and passive Read More
Justin O’Connell
Justin O’Connell is a cryptocurrency journalist who works have appeared in the U.S.’s third largest weekly, the San Diego Reader & VICE. // -- Discuss and ask questions in our community Read More
Mati Greenspan
Senior Market Analyst at // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Important: Never invest Read More
Rakesh Upadhyay
Rakesh Upadhyay is a Technical Analyst and Portfolio Consultant for The Summit Group. He has more than a decade of experience as a private trader. His philosophy is to use Read More
Pamela Meropiali
Account Manager
Pamela Meropiali is responsible for users on // -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- // Read More
Joseph Young
Joseph Young is a finance and tech journalist & analyst based in Hong Kong. He has worked with leading media and news agencies in the technology and finance industries, offering Read More
A former commodities investor client of SS&C Technologies has sued…