Ransomware: How cybercriminals hold data hostage… and why the best solution is often paying a ransom – 60 Minutes

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


We’re seeing just how defenseless our food and fuel supplies can be to hackers. This month, the largest meat producer in America was forced to close for several days. And that was only three weeks after hackers shut down the main source of gasoline for the East Coast. Both were ransomware, attacks by hackers who break into a computer network and lock it until ransom is paid. Colonial pipeline paid more than $4 million, in May, to get fuel flowing in the East again. As we first told you in 2019, critical public service networks are also targets. Twenty-six percent of cities and counties, for example, report that they fend off network attacks every hour. Perhaps even worse, dozens of hospitals have been held hostage all across the country.

In January 2018, the night shift at Hancock Regional Hospital watched its computers crash with deepest apologies. The 100-bed facility in the suburbs of Indianapolis got its CEO, Steve Long, out of bed.

Steve Long: We had never been through this before. And it’s something that I read in the journals. And I say, “Oh, those poor folks. I’m glad that’s never going to happen to us.” But when you come in and you see that the files on your computer have been renamed and all of the files were renamed either “we apologize for files” or “we’re sorry.” And there was a moment when I thought, “Well, maybe they’re not so bad. They said they were sorry.” But, in fact, they had encrypted every file that we had on our computers and on the network.

steve-long-1.jpg
Steve Long

Long told 911 to divert emergency patients to a hospital 20 miles away. His staff turned to pen and paper. Nothing electronic could be trusted.

Steve Long: This is a ransomware, so this is a virus that has gotten into the computer system. “Would it have the ability to jump to a piece of clinical equipment? Could it jump to an IV pump? Could it jump to a ventilator? We needed a little time just to make sure about that.”

But time was a luxury not offered in the ransom demand.

Steve Long: “Your network has been encrypted. If you would like to purchase the decryption keys, you have seven days to do so or your network files will be permanently deleted.” And then it gave us the…

Source…