The incidents send medical staff back to the days
of pen and paper
In the US, the outbreak affected three
Alabama-based healthcare providers –
DCH Regional Medical Center, Northport Medical
Center, and Fayette Medical Center. Early on Tuesday, all of them were hit by a
ransomware strain known as Ryuk, said the DCH Health System, which operates all three facilities.
Ryuk – which is detected by ESET endpoint
protection as a variant of Win64/Filecoder.T – has previously been used in other highly
disruptive attacks, including one that resulted in printing and delivery delays for a number of US newspapers late last year.
All three affected hospitals have implemented
emergency procedures to ensure the safety of their patients. The DCH has given assurances that the hospitals are “still able to provide
critical medical services to those who need it”.
On the other hand, patients with non-emergency
health needs were encouraged to seek assistance in neighboring medical
facilities. Only elective procedures and surgical cases that had been scheduled
for Wednesday went ahead as planned.
There is no word on the demands of the
cyber-extortionists, according to an earlier press release that is no longer
available on the DCH’s website. The new statement notes that the DCH is working
closely with federal authorities and IT security experts on restoring its
systems.
Meanwhile in Australia, the Victorian government announced on Tuesday that “a number of hospitals and health services” in the
state had fallen victim to ransomware attacks on Monday. The affected healthcare
providers are part of the Gippsland Health Alliance and the South West Alliance
of Rural Health. At least seven major regional hospitals were impacted,
according to The Age.
The government has deployed the Victorian Cyber
Incident Response service to deal with the attack. The report states that
computer systems in the affected hospitals have been isolated in order to
quarantine the infection. The impacted systems include patient records,
booking, and management systems.
According to a report published earlier this year by the office of
the Victorian Auditor-General, Victoria’s public health system is highly
vulnerable to cyberattacks like those that affected healthcare providers
in Singapore and the United Kingdom (UK) in recent past.
The UK’s National Health System was crippled by WannaCryptor
(aka WannaCry) in 2017, which cost the NHS £92 million (US$115 million). This
prompted the NHS to bolster its cybersecurity
posture and work on an
infrastructure that would prepare it for any such future attacks.
A few years ago, ESET security researcher Lysa
Myers brought up the issue of what healthcare organizations need to
do to get their cybersecurity in order. More
recently, she also looked at why successful ransomware attacks are symptomatic of a greater problem. Security advice on ransomware attacks is provided
in our comprehensive white paper, Ransomware: An enterprise perspective.
In recent months, a number of US municipalities and
other public entities have been hit particularly hard by ransomware attacks.
Baltimore, for one, has spent a whopping US$18.2 million on restoring access to its systems. Twenty-three towns in Texas and two in Florida have also had their systems locked down and
faced downtime due to ransomware recently.