Ransomware Attack in Hospital


New Member
Mar 31, 2017
Hi, I have got some trouble in my workplace right now and the IT department also is investigating to solve this issues. I am one of the medical record officers at one of the private hospital in my country. The ransomware encrypts the data of several patient records on hospital computers, and only in exchange with 100 bitcoins the attackers decrypt the data again. This is critical for hospitals due to there are deal with very sensitive patient data.

Therefore, I would like to ask the solution on:
1.how to trace the evidence of ransomware?
2. Where to get the evidence and information about the sender?
3. Is it we can trace with the IP address?
4.How to decrypt the data without exchange of bitcoin from the attacker?
5.What is the prevention steps can be applied towards this ransomware attack?

I expect a response from all of you regarding this issues and maybe with your ideas/comments and solution can solve my cases.
Thank you.


About us

  • Our community began in 2004. Since this time, we have grown to have over 29,000+ members within the DFIR & Cyber Security community.

    We are happy to announce that this forum is now under new ownership with the goal to once again become the main Digital Forensics Forum on the internet for DFIR, OSINT and Cyber Security.

    If you can think of ways to help us improve, please let us know.

    We pride ourselves on offering unbiased, critical discussion among people of all different backgrounds.

    We are working every day to make sure our community is one of the best.

Quick Navigation

User Menu