Ransomware, healthcare and incident response: Lessons from the Allscripts attack

CSO Online

Security / CSO Online 40 Views 0

On January 18, 2018, at around 2:00 a.m. EST, the security operations center (SOC) at electronic health record (EHR) and practice management software provider Allscripts detected abnormal activity.

Four hours later, at 6:00 a.m. EST, the SOC started their investigation and determined the abnormal activity was in fact a full-blown ransomware incident due to SamSam, a family of ransomware that is known to target healthcare organizations. A short time later, teams from Microsoft, Mandiant and Cisco were called in to help.

allscripts ransomware attack insider cover Getty Images

Register now to download the PDF of this series.

To read this article in full, please click here