This was not a surprise to anyone, except the administrators who didn’t want to spend money to upgrade the hospital’s security. WV MetroNews – Princeton hospital to replace 12-hundred computer hard drives after cyber attack
Petya is more damaging than WannaCry, in that it doesn’t really encrypt your data, it wipes the hard drives.
Princeton Community Hospital is a smallish hospital in southern part of West Virginia. Maybe they thought “We aren’t the NHS; no one will target us.” They thought wrong.
The hospital is spinning, saying that this is a complete surprise. (To whom, exactly?)
[Rose] Morgan [vice president of patient care services at the hospital] called the attack “surprising” because the hospital made sure to put all the protections in place to prevent cyber attacks. She said the attack just goes to show that no organization is completely immune to computer viruses.
My guess is that the “completely prepared” windows systems are not patched, that SMB verion 1 is still active on the network, etc. In any event, according to Securelist, this attack uses two exploits that Microsoft had patched back in March. (It also seems to use a piece Ukrainian tax software, but I doubt the hospital was installing that.)
If I was writing a Neighbors Were Shocked post, I would remind everyone that crime isn’t something that happens “in other kinds of places” and only to “other kinds of people.” If you are reading this then you live in the Real World™ where crime – including cyber crime – does happen.
Other people have been hit, probably by assuming that cyber crime doesn’t impact them. Such as a medical practice in Pennsylvania.
“Sometimes the small practice physicians think they won’t be targeted because they have less information, but what we’re learning is that everyone is vulnerable because health data is very valuable,” Deven McGraw, deputy director for Health Information Privacy for the Office for Civil Rights at the U.S. Department of Health and Human Services, told Medical Economics prior to the most recent attack.
Attacks are becoming more sophisticated, and health systems must step up efforts to ensure they don’t become victims, Michael Kaiser, executive director of the National Cyber Security Alliance
If you have a computer attached to the internet, you need to be prepared to recover from a nightmare like this. You can’t pay these guys 300 bucks and be on your way. In the 1st place the email address has been deactivated, and it isn’t ransomware – it wipes your data. Can you get it back? Oh, and why aren’t you updating your software?