Philadelphia, which Forcepoint describes as an “unsophisticated ransomware kit,” is sold for a few hundred dollars. Hackers deploy the ransomware using a phishing email, which redirects the user to a personal storage site. This site downloads a file with the hospital logo and a set of fake patient information documents. By clicking these icons, the user executes the Philadelphia ransomware.
In its analysis, Forcepoint notes the encrypted code includes the phrase “hospitalspam” and the ransomware command includes “hospital/spam,” suggesting the ransomware creator is specifically targeting hospitals.
“Individually, this may not be a great deal of an attack toward the healthcare sector,” according to Forcepoint. “However, this may signify the start of a trend wherein smaller ransomware operators empowered by [ransomware-as-a-service] platforms will start aiming for this industry, ultimately leading to even bigger and diversified ransomware attacks against the healthcare sector.”
Medicine Bow Technologies has anti-ransomware, email protection tools, and training available for your hospital employees. Call us today for information!