Posted on January 16, 2018 at 8:13 AM
US Hospital System Offline Following Ransomware Attack
A US hospital was forced to revert to a pen-and-paper system after a severe ransomware attack forced their system offline.
A United States-based hospital recently had to forcibly shut down all their computer systems and databases after hackers managed to infiltrate and compromise the internal network with a ransomware that kept their files hostage and demanded payment in return for the files.
The Indiana-based Hancock Regional Hospital confirmed last week that they were currently operating using a purely pen-and-paper system following the cyber attack. Despite the attack’s crippling nature, the hospital emphasized that they were still open to all patients and that all patient data was still secure.
According to the media outlet, Fox59, the hospital’s IT department immediately alerted the Federal Investigation Bureau (FBI) of the attack after they realized that the scope and implications of the attack had spiraled out of their reach.
This last Saturday, Hancock Regional was still offline and operating using pen and paper.
According to officials, the cybercrime impacted the hospital’s operating systems, emails, and online health records.
The hospital released an official statement which noted that the hospital has fallen victim to a cybercrime that has been conducted by an unknown individual or entity. The responsible party sought to make the hospital’s systems inaccessible by subjecting it to a file-lock system and demanding a ransom fee in return for the encryption key needed to unlock the files.
The statement added that the hospital was working closely together with an outsourced specialized cybersecurity firm as well as legal authorities in order to resolve the issue. The statement concluded by commending both the hospital’s IT department as well as their healthcare team for the way in which they acted in this emergency and stressed that their doors remained open.
According to Hancock Regional Hospital’s strategy officer, Rob Matt, the ransomware campaign was launched last week Thursday at 10 pm. Matt stated that currently, the investigation suggests that patient records were not compromised which makes the hack somewhat ineffective. The strategy officer added that Hancock frequently performed emergency drills which included scenarios pertaining to cybercrimes. Matt stated that the hospital was perfectly capable of still providing its patients with world-class care despite the added inconvenience.
Matt confirmed that the hospital refused to pay the ransom fee.
Ransomware campaigns are popular among hackers and are generally spread by malicious email attachments which places an infected device’s files under encryption. The hackers then demand a ransom fee from the user in turn for the encryption key.
Hospitals have become a popular target for hackers. In February 2016, the Los Angeles-based hospital, the Hollywood Presbyterian Medical Centre, fell victim to a ransomware campaign which forced the hospital officials to pay $17,000 in return for the files.
In addition, the notorious ransomware campaign, WannaCry, made headlines last year especially when it managed to infiltrate several computers at the UK’s National Health Service (NHS).
Industry experts have advised any victim of a ransomware attack to decline to pay the ransom fee as it is impossible to guarantee that your files will be returned.