Allscripts is yet to recover from SamSam Ransomware Attack!


A new variant of ransomware called ‘SamSam’ has been seen striking companies operating in the West, and the latest victim happens to be ‘Allscripts Healthcare Solutions’, which offers electronic health records services and practice management to physicians, hospitals and paramedics working across America.

The Chicago-based company said that it is yet to recover from the ransomware attack, and a few of its systems operating in its Raleigh and Charlotte, NC datacenters are still reeling under the impact of the malware.

Jeremy Maxwell, the Director of Information Security, said that the services related to Electronic Prescriptions for Controlled Substances (EPCS) and the PRO EHR services were the hardest hit by the attack, while other services were suffering from inconsistent availability outages.

Although the authorities were successful in restoring the EPCS by Saturday morning, they are still working to bring PRO EHR online.

Authorities from Allscripts released a press statement yesterday saying that the ransomware attack took place on Thursday, January 18 at around 2:00 am EST and that by 6:00 am the IT staff of the company had taken note of the incident. They immediately alerted the incident response teams of Microsoft and Cisco, who offered assistance in dealing with the situation.

American cybersecurity firm Mandiant, a subsidiary of FireEye, was also pressed into service to determine the root cause of the incident.

Researchers from Mandiant found that Allscripts was infected by a new variant of SamSam that was unrelated to the versions that infected Hancock Memorial Hospital in Greenfield, Indiana and Adams Memorial Hospital, also in Indiana. This finding was confirmed by the Microsoft and Cisco research teams along with the FBI.

Note 1: Cybersecurity Insiders learned last week that Hancock Hospital paid 4 BTC, or $55,000 USD, to recover all the critical files on its systems, as manual restoration from backups was tedious and time-consuming.

Note 2: Allscripts has a client base of 180,000 physician users and 45,000 ambulatory facilities, and offers solutions to more than 2,500 hospitals and 13,000 extended care organizations.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security