Michigan Medical Facility Suffers Ransomware Attack
Allied Physicians, located in Michiana, Michigan was the victim of a ransomware attack on May 17, 2018. Reports confirmed the computer network was quickly shut down in an attempt to contain the cyber attack. Although, officials would not disclose how long the firm’s systems were impacted, they did indicate they were able to resolve the issues “without any significant disruption of services.”
The ransom demands were not disclosed, although the ransomware variant that infected the systems was identified as SamSam. This is particularly interesting, since this is the same variant that hit the Colorado Department of Transportation twice in March of this year. Meaning, whatever security solution Allied Physicians was using was outdated in some way. This may be that the users were not keeping the software updated, or the security solution provider has not been updating their blacklist. The blacklist is a list of all known malicious files. Either way, this attack is completely preventable.
Had Allied Physicians been using a security solution that was using a whitelist technology, they never would have gotten infected. The whitelist is a list of known-trusted programs. Meaning, no matter how many different versions of bad files attempt to run, they will be blocked because they haven’t been proven secure.
Other Ransomware Attacks
For a list of ransomware attacks that have already taken place in 2018, you may click here. We have also created a map, see below, of the ransomware attacks that have taken place in the U.S.