Gold Coast reseller Essential IT Services has been tasked with restoring the data of a local medical centre from a gang of suspected Russian hackers who are holding the centre’s patient records to ransom.
The Queensland reseller, run by managing director Jason Fillmore, has been brought on by the Miami Family Medical Centre in the aftermath of the attack which saw an unknown party hack into a server and encrypt the company’s medical records. The attackers are demanding $4000 to release the files.
The medical centre runs Windows 2003 Small Business Server Premium. Fillmore said the hackers disabled the server and the anti-virus and backup software, encrypted all the centre’s files then deleted and wrote over the originals. He said the hackers did the same to the attached backup devices to prevent file recovery.
“It was a very well thought out attack that was targeted at them and has been done to several other medical practices here recently,” Fillmore told CRN.
Fortunately, Fillmore said, his client had backups on DAT tapes each day and another external drive backup offsite, which meant the data was able to be recovered without having to pay the ransom.
“The backup system in place was pretty good but the recovery of the data and getting them up and running has been a bit of a job as it was a data backup and not a full system image backup,” Fillmore said.
“They are up and running again with their core practice management software on a temporary server and I have a new server install later in the week once I receive all the required licenses.”
Fillmore estimated the centre would be fully operational on new hardware, backup and security by early next week, around two weeks after the attack. He said the medical centre had been preparing to upgrade its hardware anyway but had brought forward the installation due to the attack.
"Normally I'd have the time to sit with a client to discuss and plan the upgrade so it could be done in a more timely fashion but getting the plan together, ordering the hardware and software and getting them up and running all at the same time has been a bit challenging to say the least, ” he said.
“That is the reason I love working in the IT industry as you never know what the next phone call you receive will bring and every single day is different.”
In a statement the Queensland police said they believed the offenders to be operating from Russia.
Essential IT Services launched in 1999. It is a two-person operation on the Gold Coast servicing the accommodation industry and SMBs. Fillmore has an extensive background in IT, having worked in the field for 10 years prior to starting his business.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
