It’s only been a few weeks since the Hollywood Presbyterian Medical Center had its network locked up by a ransomware attack that forced staff to use land lines, fax machines, and keep paper records. Now it seems that more medical centers has fallen victim to a form of malware, this time the target is the computer systems of MedStar, a hospital chain in the Baltimore-Washington area.
In the case of the Hollywood attack, a ransom of around 40 bitcoins, equal to around $17,000, was paid to the attackers for the key to unlock the encrypted systems. We still don’t know if this latest incident is also a ransomware infection, but it seems highly likely as the attack appears identical.
When asked if the hackers were demanding a ransom, MedStar spokeswoman Ann Nickels said "I don't have an answer to that," and referred to the company's statement.
MedStar, which operates ten hospitals in the area, has shut down its network in an attempt to prevent further spread of the virus, according to the company. “We are working with our IT and Cybersecurity partners to fully assess and address the situation,” the hospital said in a statement. The FBI is also investigating the matter.
Networks temporarily shut down to prevent virus spread. We have no evidence of compromised information. All facilities remain open.— MedStar Health (@MedStarHealth) March 28, 2016
MedStar stressed that there is no evidence patient files have been compromised and all facilities will remain open, despite the lack of access to medical records, scheduling computers, internet services, and email. Workers are communicating with each other using pagers and via courier.
“The organization has moved to back-up systems, paper transactions where necessary,” the company said.
Worryingly, it does look as if using malicious software to shut down hospitals' systems is becoming more popular. As long as organizations continue to pay the ransom, more attacks could follow. But giving the attackers what they want is usually the only option when a system has been encrypted, and even then it’s no guarantee that they’ll hand over the unlock key.