© 2018 Attivo Networks. All rights reserved. www.attivonetworks.com Deception Technology Derails Ransomware Attack on Regional Healthcare Provider Overview A New England healthcare provider, like many healthcare organizations, experienced many ransomware attacks. In this incident, the malware came into the network via a phishing email which contained an encrypted, password-protected file. The user unlocked the file, “detonating” the malware, which encrypted local drives and network shares, ultimately spreading ransomware through the network. As the ransomware spread, it contacted its Command-and-Control servers (C&C) to dynamically mutate the executable file to evade traditional malware detection and remediation tools. The ransomware encrypted the files on endpoints and server

Join for free to read