Quote:Despite hospitals being on the front lines during the pandemic, bad actors have continued to target them with ransomware. In addition to wreaking havoc on operational processes in medical facilities at the worst possible time, the attacks have evolved to threaten patient safety.
In September, employees at Universal Health Services (UHS), a Fortune-500 owner of a nationwide network of hospitals, reported widespread outages that resulted in delayed lab results, a fallback to pen and paper, and patients being diverted to other hospitals. The culprit turned out to be the Ryuk ransomware, which locked up hospital systems for days.
“No patients died tonight in our [emergency room] but I can surely see how this could happen in large centers due to delay in patient care,” a Reddit user identifying themselves as a nurse, wrote at the time.
The concern isn’t overblown. Earlier that month, a ransomware attack at a Dusseldorf University hospital in Germany resulted in emergency-room diversions to other hospitals. According to a report by the Ministry of Justice of the State North Rhine-Westphalia, a patient died who had to be taken to a more distant hospital in Wuppertal because of the attack on the clinic’s servers.
This turn of events comes after several ransomware gangs actually pledged not to hit hospitals because of the ongoing COVID-19 scourge. The Maze and DoppelPaymer groups, for instance, said they would not target medical facilities and, if accidentally hit, would provide the decryption keys at no charge. The Netwalker operators, meanwhile, said they would not target hospitals, however if accidentally hit, the hospital would still have to pay the ransom.
Other groups have less scruples, and in fact, some (like Netwalker) have reneged on their pledges. In fact, incidents of ransomware attacks against hospitals skyrocketed in October. So much so that, the U.S. Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the U.S. Department of Health and Human Services issued a security bulletin warning of “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.”
Read more: https://threatpost.com/ransomware-hits-h...st/162096/
![[-]](https://www.geeks.fyi/images/collapse.png)
