4.10.19

Hospitals in US, Australia hobbled by ransomware


 The incidents send medical staff back to the days of pen and paper
 Several hospitals in the United States and Australia have been paralyzed byransomware attacks, leading to the cancellation of all but the most urgent appointments and surgeries.
In the US, the outbreak affected three Alabama-based healthcare providers –

DCH Regional Medical Center, Northport Medical Center, and Fayette Medical Center. Early on Tuesday, all of them were hit by a ransomware strain known as Ryuk, said the DCH Health System, which operates all three facilities.
Ryuk – which is detected by ESET endpoint protection as a variant of Win64/Filecoder.T – has previously been used in other highly disruptive attacks, including one that resulted in printing and delivery delays for a number of US newspapers late last year.

All three affected hospitals have implemented emergency procedures to ensure the safety of their patients. The DCH has given assurances that the hospitals are “still able to provide critical medical services to those who need it”.

On the other hand, patients with non-emergency health needs were encouraged to seek assistance in neighboring medical facilities. Only elective procedures and surgical cases that had been scheduled for Wednesday went ahead as planned.

There is no word on the demands of the cyber-extortionists, according to an earlier press release that is no longer available on the DCH’s website. The new statement notes that the DCH is working closely with federal authorities and IT security experts on restoring its systems.

Meanwhile in Australia, the Victorian government announced on Tuesday that “a number of hospitals and health services” in the state had fallen victim to ransomware attacks on Monday. The affected healthcare providers are part of the Gippsland Health Alliance and the South West Alliance of Rural Health. At least seven major regional hospitals were impacted, according to The Age.
The government has deployed the Victorian Cyber Incident Response service to deal with the attack. The report states that computer systems in the affected hospitals have been isolated in order to quarantine the infection. The impacted systems include patient records, booking, and management systems.

According to a report published earlier this year by the office of the Victorian Auditor-General, Victoria’s public health system is highly vulnerable to cyberattacks like those that affected healthcare providers in Singapore and the United Kingdom (UK) in recent past.

The UK’s National Health System was crippled by WannaCryptor (aka WannaCry) in 2017, which cost the NHS £92 million (US$115 million). This prompted the NHS to bolster its cybersecurity posture and work on an infrastructure that would prepare it for any such future attacks.
A few years ago, ESET security researcher Lysa Myers brought up the issue of what healthcare organizations need to do to get their cybersecurity in order. More recently, she also looked at why successful ransomware attacks are symptomatic of a greater problem. Security advice on ransomware attacks is provided in our comprehensive white paper, Ransomware: An enterprise perspective.

In recent months, a number of US municipalities and other public entities have been hit particularly hard by ransomware attacks. Baltimore, for one, has spent a whopping US$18.2 million on restoring access to its systems. Twenty-three towns in Texas and two in Florida have also had their systems locked down and faced downtime due to ransomware recently.