Hospital chain MedStar shuts down its network systems after infection by unknown virus

midian182


It’s only been a few weeks since the Hollywood Presbyterian Medical Center had its network locked up by a ransomware attack that forced staff to use land lines and fax machines and to keep paper records. Now it seems that more medical centers have fallen victim to a form of malware; this time the target is the computer systems of MedStar, a hospital chain in the Baltimore-Washington area.

In the case of the Hollywood attack, a ransom of around 40 bitcoins, equal to around $17,000, was paid to the attackers for the key to unlock the encrypted systems. We still don’t know if this latest incident is also a ransomware infection, but it seems highly likely as the attack appears identical.

When asked if the hackers were demanding a ransom, MedStar spokeswoman Ann Nickels said "I don't have an answer to that," and referred to the company's statement.

MedStar, which operates ten hospitals in the area, has shut down its network in an attempt to prevent further spread of the virus, according to the company. “We are working with our IT and Cybersecurity partners to fully assess and address the situation,” the hospital said in a statement. The FBI is also investigating the matter.

MedStar stressed that there is no evidence patient files have been compromised and all facilities will remain open, despite the lack of access to medical records, scheduling computers, internet services, and email. Workers are communicating with each other using pagers and via courier.

“The organization has moved to back-up systems, paper transactions where necessary,” the company said.

Worryingly, it does look as if using malicious software to shut down hospitals' systems is becoming more popular. As long as organizations continue to pay the ransom, more attacks could follow. But giving the attackers what they want is usually the only option when a system has been encrypted, and even then it’s no guarantee that they’ll hand over the unlock key.


 
Why do hospitals even have internet access for their primary medical systems? Frickin' block them all from internet! Only need internet for guest WiFi. The hospital can designate a few "internet" connected computers in each section that don't even touch the same network as the rest of the computers.
 
Basic prophylactics pitched by doctors against viruses - early/preemptive vaccination.

Somebody should educate them that it works the same with computers.
 
Why do hospitals even have internet access for their primary medical systems? Frickin' block them all from internet! Only need internet for guest WiFi. The hospital can designate a few "internet" connected computers in each section that don't even touch the same network as the rest of the computers.
You sir, have no idea of what you speak.
I have worked as a technician at a Hospital for 7+ years now and I can firmly tell you internet access is required.
Now that being said, don't make all these assumptions. Most users don't have access or just have basic access, our Barracuda only allows through what we tell it.
 
I sincerely hope the attackers find their way to a hospital that could help, if only the hospital still had resources for which they played a hand in removing. I wish I could be there to say the word "irony".
 
This is a hospital for crying out aloud, you'd think they'd know how to combat viruses. Silly jokes aside, they're playing with people's lives here. If they catch these freaks I hope they get 25 to life, no parole.
 
Why do hospitals even have internet access for their primary medical systems? Frickin' block them all from internet! Only need internet for guest WiFi. The hospital can designate a few "internet" connected computers in each section that don't even touch the same network as the rest of the computers.
You sir, have no idea of what you speak.
I have worked as a technician at a Hospital for 7+ years now and I can firmly tell you internet access is required.
Now that being said, don't make all these assumptions. Most users don't have access or just have basic access, our Barracuda only allows through what we tell it.

And I for 15 years have done only AV support and know of one tech firm that maintains two different hospital chains that run a batch file to unlock doctors' AD accounts every 15 minutes because of rampant Sality, Qakbot infections on WinXP devices and hope laptops used by the staff. It is easy to find good networks and bad. This one is bad if it took out the whole network and was unable to be stopped.
 
For internal networks that are compromised - WELL over the majority of the time, it's not necessarily the 'network' (whatever everyone keeps generalizing that as), but it's the employees - human error.

A secretary opened an email with a virus on it (in her spam folder, mind you), it spread throughout the network, and boom. You have a compromise. It's the employees' lack of training in most cases that causes network breaches - because they either aren't trained, aren't careful, or a combination of both.

Speaking of hospitals - the good ones have an IT department that will purposefully send out fake phishing emails to their employees, and then see how many of them do what they were told not to. And every month, there are employees that fall for it. Those employees then get to sit through half a lovely day's worth of re-training!
 
Ironic that a hospital is infected by a "virus". I volunteered at 2 hospitals in the area at the wrong time; after I finished my medical "career". The one hospital, Good Samaritan, runs Win XP. People in the ER there aren't properly trained on iPads. They type gibberish in fields and you hear it going beep, beep, beep while they're typing; iPad ignoring most of what they're wrongly entering. I didn't get sick, but everyone around me was. You develop an immunity. You earn more in computers in civil service. Doctors earn about $180,000. Firemen in this neighborhood earn $200,000 in 10 years, after medical, dental, optical, and life insurance, along with six figure retirements. They don't need a college degree, much less medical school nor internship.
 
I see Win XP in the hospitals here, I'm sure somewhere there is an IT crying on his knees, begging the CEO to upgrade, but is told no, it costs too much.
 