My newest hero in the fight against ransomware is Little Red Door Cancer Services of East Central Indiana (Little Red Door). I am sending a donation to it to celebrate its courage in the last few weeks.

Little Red Door is a small not-for-profit agency in Indiana devoted to help cancer victims during their treatment, recovery and end of life. Its mission is to help people suffering with cancer.

On January 11, 2017, TheDarkOverlord attacked Little Red Door with ransomware and demanded a payment of 50 Bitcoin (approximately $43,000) for return of the data. If the ransom wasn’t paid, the threat was that confidential information would be disclosed to the public.

According to Little Red Door, paying the criminal would have a significant impact on their provisions of services to those individuals that they help, so they followed the advice of the FBI and refused to pay. Little Red Door said it will “not pay a ransom when all funds raised must instead go to servicing families, all stage cancer clients, late stage care/hospice support and preventative screenings.” So they didn’t pay.

What did TheDarkOverlord do to this little vulnerable not-for-profit? He reduced his demand to $12,000 (well, everything is negotiable), but LittleRedDoor stood its ground. Next, he threatened to contact the families of the cancer patients, as well as donors, employees and corporate partners. Still, Little Red Door stood its ground and refused to pay.

TheDarkOverlord wiped the company’s database and physical backups. Luckily, Little Red Door has much of the information in paper files and a cloud storage backup system and it is in the process of rebuilding the database and reconstructing the data. Its crackerjack IT folks will have the data back up and running this week.

What a great story of courage and hope—if Little Red Door can stand up to the cyber bullies, can’t we all try to follow its lead?