Ohio’s NEO Urology Clinic Paid Ransom Yet Networks Remained Down For Days
Even after paying the $75,000 ransom demands, the networks at Boardman Ohio’s NEO Urology Clinic remained down for days. According to Health IT Security, the clinic was hit with an unnamed ransomware variant earlier this month; however, due to its “complexity”, the clinic’s board decided to pay the ransom demands. However, even after doing so and obtaining the decryption key, it still took days for the networks to become fully functional.
Due to the network’s instability and employees not having access to patient files, there were three days where the clinic lost between $30-50K in revenues, per day.
Often times when the public thinks of ransomware damages, the “behind the scenes” costs are not included. They think about the ransom demands, and maybe some lost production time. However, ransomware damages go far deeper to include:
- Lost revenue
- Overtime costs for IT staff
- Lost productivity
- This may include the time it takes employees to redo any lost work as a result of the attack, the time it takes to restore their devices, the time they are unable to work due to the lost functionality of their networks, or the time they now have taken to electronically enter in the information they were doing by hand while networks were down.
- Hiring a third-party firm for remediation and/or investigation efforts
- Hardware replacement
- Reputational damages
Ransomware damages go far deeper than the demands set forth by the hackers, and NEO Urology isn’t the first to learn this.
