The lives of patients in 110 nursing homes across America are being put at risk by hackers who are holding critical data hostage for $14 million in BTC. The outbreak has targeted Virtual Care Provider Inc. (VCPI) who provide cloud data hosting, security and access management for the nursing homes, with patient lives being put at risk due to staff being unable to access crucial patient medical records.
Ryuk Threat Resurfaces
VCPI were alerted to the attack at around 1:30 a.m. CT on November 17 when the Ryuk ransomware strain was deployed inside the company’s networks, encrypting all the client data and demanding a huge $14 million (₿1,866) ransom in exchange for the digital key needed to unlock access to the files. The Ryuk threat, which has been in operation since August 2018, specifically targets enterprise users and has netted the biggest known exponents, a hacking group called Wizard Spider, ₿705 since its inception.
The size of the ransom is typically set according to the victim’s perceived ability to pay, but VCPI owner Karen Christianson stated in an interview that the firm cannot afford the ransom and the attack could cost them the business, as well as potentially resulting in the untimely death of some patients. The targeting of a healthcare facility is reminiscent of the WannaCry attack by North Korean hackers in May 2017 and again illustrates the lack of consideration given to human life by hackers.
To Pay or Not to Pay – That is the Question
Whether or not to pay the ransom is never an easy question to answer, but often, if the ransom can be afforded, it happens. Governments in Florida and Georgia have been hit with ransomware attacks and paid out in BTC this year, while Baltimore, who suffered two crippling attacks this year, in October authorized a $20 million insurance program to prevent against future attacks.