A hosptial is completely infected with ransomware; how will its 107 patients survive?

Ethical hacking specialists affirm that a ransowmare infection has compromised the information of over 85k patients of the Grays Harbor Community Hospital, in the US.

About a month ago, hospital IT staff detected some encrypted files in databases that store patients’ medical records. Subsequently, hospital employees received the ransom note sent by the attackers.

To make matters worse, attackers added a rare code as an additional encryption measure, complicating an eventual recovery process, as mentioned by ethical hacking specialists. The picture is exacerbated by the possible inconveniences this incident could generate for the more than 100 patients currently staying at the hospital.

After securing the network, hospital staff, with the help of a group of experts in external ethical hacking, began the process of retrieving information, although multiple areas of the hospital’s IT infrastructure remain blocked and inaccessible to the hospital staff.

The organization, located in the Aberdeen region, in Washington, says it has no strong evidence to believe that any personal information has been leaked outside its databases, and clinicians and staff continued to care for patients.

According to ethical hacking specialists from the International Institute of Cyber Security (IICS) most of the health information contained on its systems was at risk, including Social Security numbers and other sensitive personal data, and unfortunately the hospital has been unable to fully recover all of the data that was compromised by threat actors.

Affected patients are getting one year of credit monitoring services for free as a security measure. Grays Harbor Community Hospital is working with cybersecurity experts to improve its network’s malware protection systems, the network’s real-time monitoring software and the network’s operating system, as mentioned though a statement.

Additional details, as well as technical information about the attack, are still unavailable, but further statements are still expected by the cybersecurity community.