Kentucky Workers' Compensation Fund Stops Ransomware Virus

Monday, June 12, 2017 | 0

One of Kentucky's largest workers' compensation carriers recently recovered from an attack to its system known as ransomware, a type of computer virus in which a hacker blocks access to data or threatens to publish it unless a ransom is paid. 

CSO, a news website that covers security and risk management topics, reported the ransomware attack late last month.

The virus took hold of the system after a Kentucky Workers' Compensation Fund employee clicked a link on a celebrity news site. A screen popped up reading, "You have been infected by ransomware," and the virus spread from the worker's computer to one of the system's shared hard drives. 

The virus' spread halted after the fund's IT team used data-replication software to revert the system to the moment before the worker clicked on the link, scrubbing the ransomware from the system.

The IT team was able to stop the attack within 15 minutes, and it did not seize any members' personal information, Kentucky Workers' Compensation Fund system administrator Rubyanne O'Bryan told CSO. 

Afterward, the IT department plastered the walls of the carrier's Louisville headquarters with signs indicating what employees should do if a data breach occurs.