25 7
Ever since the WannaCry and Petya outbreaks, healthcare organizations have been on their toes. But just when they thought they could relax, a new strain of ransomware has come along. A “Locky-variant” ransomware campaign is currently underway, and it’s every bit as dangerous as previous ransomware attacks.
Using Old Tricks
The new ransomware strain, known as ‘IKARUSdilapidated,’ behaves the same way as other Locky variants. Hackers use carefully crafted emails to trick users into downloading and opening a ransomware-infused docx, pdf, jpg, or zip file that has the power to encrypt all local files. Even filenames are converted into a random 16-character combination followed by a “.lukitus” file extension. Once everything is locked down, it demands a payment made in Bitcoin to release the files.
According to recent reports, over 23 million ransomware emails were delivered on August 28, and potentially thousands of users could have been already infected.
While most hardened security measures can detect the original Locky code, hackers regularly evade detection by updating it just enough to become unrecognizable. As a new variant, IKARUS is often identified as an “unknown file,” allowing it to slip through outdated security tools. What’s more, the fraudulent emails are more convincing and far more difficult to spot.
Healthcare Still At Risk
Although many healthcare companies have been dealing with ransomware for years, there’s little guarantee that they can prevent attacks. The healthcare industry is an especially lucrative target because they manage a huge amount of patient information that they can’t afford to lose, which means they’re more likely to pay the ransom.
In fact, research shows that 88% of all ransomware attacks were aimed at the healthcare industry in 2016, costing approximately $6.2 billion, and that amount is expected to increase as hackers continue to reuse and recycle successful ransomware campaigns.
Most firms are slow to update their software, fail to run basic security tools, and haven’t implemented a rigorous security program from a managed services provider, making it easy for hackers to pick them off. Additionally, healthcare employees usually don’t receive (or have time for) comprehensive security awareness training, leaving them vulnerable to even the most basic attacks.
What Can You Do?
Like it or not, hackers will continue to churn out more ransomware that is as dangerous as Locky, but there are some things you can do to keep your servers and patient data safe.
If these measures seem like a lot of work for your company, call our managed healthcare IT experts at 336-776-0060. We’ll make sure that ransomware never puts your practice out of business.
Are You Making the Right Choice for Your CPA Firm? When was the last…
In today’s digital-first world, screen time is an unavoidable aspect of the modern workplace. Employees…
Spending too much time in front of screens can affect how we feel and interact…
Every day, people receive emails pretending to be from trusted sources only to discover they…
Best Practices for Data Backup in 2025 In today's digital age, data is the lifeblood…
Statistics show that the average enterprise uses more than 90Read more "What Is Single Sign-On…