A new ransomware campaign has targeted the not-for-profit cancer services organisation “Little Red Door” requesting a US$44,000 ransom.
A new ransomware campaign has targeted a not-for-profit cancer services organisation, the Little Red Door. The organization provides a number of cancer support services, including diagnostics and treatment.
The system at the agency was infected by a ransomware last Wednesday, January 11, 2017, at around 10:00 PM.
According to the Associated Press a ransomware infected its server and demanded a 50 bitcoin ransom (roughly US$44,000) in order to decrypt the files.
“A ransomware group has infected the computers of an Indiana-based cancer agency and have asked for a large payment of 50 Bitcoin ($44,800).” reported Bleepingcomputer.com.
The Little Red Door Executive director, Aimee Fant, confirmed that data of the organization was stored in unspecified cloud storage.
The singularity of this specific ransomware attack it the fact crooks demanding the ransom directly to the cancer agency’s staff via phone and email.
“First, they sent text messages to the agency’s Executive Director, President, and Vice President phones, and then they sent a standardized “form letter” via email. The emails contained detailed payment instructions, but also several threats.” added bleepingcomputer.com.
According to the cancer agency’s Executive Director Aimee Fant, the group threatened to contact family members of living and deceased cancer clients, donors and community partners.
The organization, of course, will not pay the ransom because its money has to be used to provide the necessary services to cancer patients and their families.
“The agency will not raise money to pay the criminals’ ransom,” Fant said.
This is really a sad story, the organization has no choice, it has to replace the infected server and store the old one in the hope a security firm or law enforcement will find decryption keys during their operations.
The agency plans to replace the server with a “secure cloud-based” platform and hopes to be restored operations within the week.
The attack was reported by the organization to the FBI.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.