Ransomware

a.jpeg

February 5th.  Hollywood Presbyterian declared an internal state of emergency.  
It is believed the hospital got a malware infection called ransomware through someone opening an infected e-mail or from someone visiting an infected website. 

Once it was on one computer, it got into the hospital’s network and went everywhere it could while it remained hidden.  It would have found all hard drives, data and files that it could.  It would have communicated back to the command and control server and then encrypted everything it could get its hands on.  Then a screen would pop up explaining to the hospital staff that all their files were locked until a bitcoin payment is sent.

So let's say you are the hospital staff.  Your choices are:

 •    Do not pay, you do NOT get your data back, it stays locked up.  If you try to restore from backup, and the ransomware sees the new data, it will lock that up for you as well.
 •    Pay and if all goes well, you get your data back.  If all does not go well, you do not get your data back, but you also lost your money.
You see that not all ransomware is written well, and some lose the key so even if you pay, they might have lost it.  And you only have so long with most ransomware before it deletes your data.

So here you are, a hospital with all your computers inaccessible.  You drop to written records for everything.  Of course all patient history isn’t accessible.  No schedules accessible.  No computer operated diagnostics accessible.  Oncology and Radiation were shuttered and all of those patients were transferred to other hospitals.
So you turn to the best and brightest computer agency for help right? 

b.jpeg

Well, they didn’t, and instead went to the LAPD.  We don’t know what expertise they may have.

However, we do know that when the Swansea Massachusetts police department was hit, they paid.  Two bitcoins, $750 at that time, and got their data back.

So apparently the LAPD had no clue, so they went on to the FBI, who said pay the ransom.

d.png

In the end they paid 40 bitcoin, about $17,000.  In this case it worked out and they did get their data back.

You might ask what Bitcoin is; it’s a crypto-currency.  It's not backed by any government, but is all digital, and built to be untraceable.  It's not an “evil currency”, but the non-tractability of it, means bad guys love to use it.  It's also used to help people on the run, such as battered wives, political refugees, etc.

e.png

Is that the end?  Well March 2016 ransomware hit the Methodist Hospital in Henderson Kentucky.  The same month it also hit Medstar’s 10 hospitals in the Maryland and DC areas.  These are not the only hospitals hit, just an example.  

Why do they target hospitals?  They make easy targets.  Many times hospital staff will share one password for a system for all staff, it has found many hospitals even tape the password to the computer system.  The lack of serious computer security makes them easy targets.

Besides getting money from the hospital for decrypting the files, they can have a second revenue stream, by downloading all patient records and selling them on the black market.

In fact, as of March of this year, 93% of all phishing e-mails contained encryption ransomware. There are now 120 separate families of ransomware.

When this trend first showed up years ago, I made sure that I back up to one network hard drive every few weeks, then power it down.  Ransomware can only encrypt what it can get to.

The Bible talks about our ransom in I Timothy and Mark:

I Timothy 2:5-6

For there is one God, and one mediator also between God and men, the man Christ Jesus, who gave Himself as a ransom for all, the testimony given at the proper time.

Mark 10:45

For even the Son of Man did not come to be served, but to serve, and to give His life a ransom for many.

So with ransomware the idea is, let's take something that is yours, things you have created or purchased, and are hopefully important to you, then lock it up.  Then you will need to pay to return it.  

But Jesus was a different type of ransom.  

Romans 5:6-8

f.jpeg

For while we were still helpless, at the right time Christ died for the ungodly. For one will hardly die for a righteous man; though perhaps for the good man someone would dare even to die. But God demonstrates His own love toward us, in that while we were yet sinners, Christ died for us.

Romans 3:23-24

For all have sinned and fall short of the glory of God, being justified as a gift by His grace through the redemption which is in Christ Jesus;

Jesus paid a ransom for something we never earned and never could earn.

© Vivian P. Kirkpatrick, 2016

Click here, to view as a sermon video.

Sources:

  • http://www.engadget.com/2016/02/19/hospital-ransomware-a-chilling-wake-up-call/

  • https://it.slashdot.org/story/16/04/16/1737211/out-of-date-apps-put-3-million-servers-at-risk-of-crypto-ransomware-infections

  • https://tech.slashdot.org/story/16/06/02/1356241/93-of-phishing-emails-are-now-ransomware

  • https://yro.slashdot.org/story/16/06/07/0659236/alarming-rise-in-ransomware-tracked?

  • https://news.slashdot.org/story/16/06/24/0539223/study-finds-password-misuse-in-hospitals-is-endemic