Hackers return for more money in ransomware attack at Kansas hospital

Hackers are demanding a second ransom from Kansas Heart Hospital after the organization paid to have access to its systems restored last week.

Greg Duick, M.D., the hospital's president, told KWCH12 that his facility paid "a small" amount to the malicious attackers to regain access to its systems. The hackers, however, did not give back full access to files and are asking for more.

The hospital is refusing to pay the second ransom, according to the report.

"The policy of the Kansas Heart Hospital in conjunction with our consultants, felt no longer was this a wise maneuver or strategy," Duick said.

He added that the hospital did have a plan in place for such an attack, and said it "helped in minimizing the amount of damage the encrypted agent could do."

"The patient information never was jeopardized and we took measures to make sure it wouldn't be," Duick said.

Ransomware attacks are rising in frequency in the healthcare industry this year. Two high-profile attacks include one at Hollywood Presbyterian Medical Center in February, where the health system paid to have systems restored, and an attack on MedStar Health System in March, though the organization has not yet declared that attack ransomware.

The decision to pay or not pay the ransom is a difficult one for organizations, especially if such an attack takes systems needed to care for patients offline. However, earlier this month, FBI Cyber Division Assistant Director James Trainor said that companies should not pay ransom.

In addition, law professor Shaun Jamison, Ph.D., told FierceHealthIT in April that paying could set a bad precedent.

"When you pay, it's about the fact that these actors might attack you again or attack others," he said. "You don't want to encourage further attacks unless there is no other course of action available."

To learn more:
- here's the report