Patient records held to ransom in Australia

Eyewire The patient data appeared to have been accessed without unleashing a virus, the owner claims

Related Stories

An Australian medical centre says its patient files have been encrypted by hackers, who are now holding them to ransom.

The hackers are demanding 4,000 Australian dollars ($4,200; £2610) to decipher the files, which contain confidential information.

The Miami Family Medical Centre claims that the attack was not the result of a virus.

A security expert told the BBC said this was an unusual scenario.

"We've got all the antivirus stuff in place - there's no sign of a virus. They literally got in, hijacked the server and then ran their encryption software," David Wood, co-owner of the Miami Family Medical Centre, told ABC News in Australia.

Rik Ferguson, from Trend Micro, said that while "ransom ware" has become much more common in the past 18 months, it is usually carried out by infecting computers with a virus.

"Ransom ware itself has become quite a common tool for cybercriminals but it does have the malware front end - you click a link and an infection encrypts your data," he said.

Unblock fee

It generally then takes the form of a message purporting to be from the police or a copyright authority saying that your computer contains illegal material and you must pay a fine - usually a relatively small sum - to unblock it.

Many people pay up because they are embarrassed or it is more convenient, he added.

"The guy from the medical centre seems absolutely certain there was no malware involved and it was a direct hack, but it's the first time I've heard of that happening," he told the BBC.

Mr Ferguson added that much of this sort of activity is carried out by cybercriminals in Russia and the former Soviet states.

"Make sure any sensitive data is not stored unencrypted," he said. "And that it is not connected to the internet. A lot of stuff does need to be connected online but you would only need to have your front-end server directly connected."

While IT professionals are working to decode the medical centre's files, Australian security expert Nigel Phair said he thinks the ransom will have to be paid.

"At this point, most probably, their only option is to pay," he told ABC.

"Though that's not the best option because as we know from extortion that once you pay they'll follow that up."

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features

  • Baby being handed overFraught world

    The legal confusion over UK surrogate births


  • Bad resultsBlame game

    The best excuses to use when exam results don't make the grade


  • Police respond to a shooting in Santa MonicaTrigger decision

    What really happens before a police officer fires his gun?


  • Child injured by what activists say were two air strikes in the north-eastern Damascus suburb of Douma (3 August 2014)'No-one cares'

    Hope fades for Syrians one year after chemical attack


  • Lady AlbaGoing Gaga Watch

    Social media's use ahead of the independence referendum


BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.