This Sunday evening, May 5, CBS’s Scott Pelley will be reporting on ransomware in a segment on “60 Minutes.” The segment includes some discussion of the Hancock Regional Hospital incident where the hospital forthrightly disclosed that it paid ransom to protect their patients from a crippling ransomware attack.
Read and watch the show’s preview of the segment.
And keep in mind that we have all read conflicting statistics about what happens next when entities do pay the ransom. Some reports say that only a minority of victims get working decryption keys, while one major law firm’s report says that 94% of their clients who pay the ransom do get the decryption keys.
So I continue to suspect, but cannot prove, that ransom is being paid a lot more often than we read about in the media. I wish there was a way to get all incident response firms and lawyers to share a bit more about how often this happens — and to share how often there have been ransomware incidents that potentially put patients at risk of harm but we were never told about the incidents at all.