SHOULD YOU PAY IF YOU’RE HIT WITH RANSOMWARE?

CHANGE HEALTHCARE LEARNS THE HARD WAY

Paying a ransomware ransom is not a Get Out of Jail Free card as Change Healthcare is slowly learning! The Ransomware that has impacted the customers of the United Health Care subsidiary, Change Healthcare, has lasting impacts beyond just not being able to confirm insurance coverage or delayed filing/reimbursements, which are already pushing many medical practices to their financial limits.

Stories abound like this one : An Ohio Urgent Care may not be able to pay rent and their doctors are slashing expenses to try and stay afloat. Read more about this story in the NY Times:  https://www.nytimes.com/2024/03/05/health/cyberattack-healthcare-cash.html

criminals lie?? no way!

Let’s just talk about how much the criminals are actually making off of these ransoms. It looks like the criminals that got paid the $22 Million in Bitcoin took the money and ran! They closed up shop and even stiffed their partners in crime, who have come out and stated that they didn’t get paid! The worst part is that the criminals still have all the data from this event!

This story above reinforces that paying the ransom doesn’t guarantee that the criminals will delete their copies of your data that they stole, despite their promises. LockBit, a ransomware gang that was taken down by law enforcement agencies last month, admits to lying to their victims in their extortion notes. They were basically guaranteeing they will release their data, but never did. Obviously we are learning that criminals lie on all avenues, shocker!

“If we do not give you decrypters, or we do not delete your data after payment, then nobody will pay us in the future.” -Extortion notes by Lockbit to victims.

Britian’s National Crime Agency also reinforced that you shouldn’t trust Ransonware gangs to do what they say in their extortion notes. The NCA has a lot of of evidence that when a ransom is paid, it does not guarantee that data will be deleted, despite what the criminals have promised. The NCA led the takedown of the LockBit ransomware gang and since discovered data still in the LockBit’s System from victims that had already paid the threat actors.

REPORT THE CRIMES TO THE FBI TO SAVE US ALL!

LockBit’s demise (for now) also showed that the vast majority of cybercrime goes unreported. Most of the identified victims did not report these crimes to relevant federal agencies. The Federal Bureau of Investigation’s (FBI) website has a place where victims can report crimes. By reporting crimes, it helps the FBI better understand what the criminals are up to and correlate this data to better understand how the criminals operate. That way the FBI can keep all of us updated on how to spot the crimes and how to respond. If you have had an incident related to cybercrime, please report it! FBI Website: IC3.gov