New ransomware variant targets hospitals

A new ransomware kit called Philadelphia enables amateur cybercriminals to target hospitals, according to an analysis by Forcepoint, an Austin, Texas-based IT security company.

Philadelphia, which Forcepoint describes as an "unsophisticated ransomware kit," is sold for a few hundred dollars. Hackers deploy the ransomware using a phishing email, which redirects the user to a personal storage site. This site downloads a file with the hospital logo and a set of fake patient information documents. By clicking these icons, the user executes the Philadelphia ransomware.

In its analysis, Forcepoint notes the encrypted code includes the phrase "hospitalspam" and the ransomware command includes "hospital/spam," suggesting the ransomware creator is specifically targeting hospitals.

"Individually, this may not be a great deal of an attack toward the healthcare sector," according to Forcepoint. "However, this may signify the start of a trend wherein smaller ransomware operators empowered by [ransomware-as-a-service] platforms will start aiming for this industry, ultimately leading to even bigger and diversified ransomware attacks against the healthcare sector."

More articles on health IT:
ONC unveils $180k data challenge
Scripps Health goes live on Epic EHR
Intermountain Healthcare Innovation Fund invests $1M in Redox

© Copyright ASC COMMUNICATIONS 2017. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months