Change Healthcare Hackers broke in nine days before they were hit by a ransomware attack, and United Health Group paid the ransom to hackers.

The attackers, who represented themselves as the ALPHV ransomware gang or one of its affiliates, gained entry into Change’s network on Feb. 12, a person familiar with the cyber investigation said. They used compromised credentials on an application that allows staff to remotely access systems, the person said.

 The dilemma of whether to pay or not to pay is becoming more common for many business and security leaders who face a rising wave of ransomware attacks. Attackers want to force them into a moral quandary where they have no option but to pay ransoms to restore their services. The situation is even more critical when they have to choose between patient care and ransom demands.

Ransomware remains the most lucrative tool in the cybercriminals’ arsenal, which means the chances of being a victim of an attack are not favourable for the defenders.

One of the most vital steps that firms in a similar position to Change Healthcare can take against ransomware is to seek professional help.

The assistance of cyber experts will make it much easier to handle an incident when a breach does happen, providing experience and guidance to counter the natural panic that the threat actors are relying on. This includes support for solutions and policies like MFA that reduce the risk of a breach and anti data-exfiltration (ADX) technology to stop data from being stolen and used for double extortion.