Multiple hospitals in the US and Australia shut down operations due to ransomware attack

Ransomware incidents attacking critical infrastructure in various countries keep happening. This time, IT system audit specialists report that a series of attacks have disrupted operations at multiple hospitals in Australia and the US, affecting hundreds of patients who require special care and surgical interventions in which technological infrastructure plays a key role.

Through a statement, affected hospitals (DCH Regional Medical Center, Northport Medical Center and Fayette Medical Center at Alabama, US) mentioned that for now they were not able to access their systems, as a significant portion of their infrastructure was compromised by this incident. 

Patients who were already in hospitals at the time of ransomware infection will be treated normally, unless they require care available only in other hospitals. Hospital IT system audit teams also ensured that surgeries that had already been scheduled will be performed despite the shortcomings that hospitals face. The three hospitals affected by encryption malware are part of the DCH Health System, a government area responsible for operating a publicly owned health system in the US.

On the other hand, multiple hospitals in Gippsland, Australia, were also hit by a ransomware attack that affected access to patient records and management systems. As a result, many doctors have lost access to their patients’ medical history, which has postponed diagnostics and surgical interventions.

In total, 18 facilities in Australia were impacted by the ransomware. IT system audit specialists mention that hackers managed to bypass many of the security filters installed by the hospital IT team, forcing the closure of many systems. 

As a security measure, affected hospitals isolated many of their systems to prevent the spread of ransomware. In addition, administrative staff had to employ manual methods to keep operations afloat. So far no additional details have been revealed, such as the hacker group responsible for the attack, the ransomware variant used or the ransom amount that the attackers have demanded. 

IT system audit experts from the International Institute of Cyber Security (IICS) mention that, due to factors such as the type of infrastructure targeted in this attack and the apparent synchronization between the two incidents, the authorities in both countries must determine whether the same group of cybercriminals is behind this wave of attacks.

So far in 2019, at least 620 attacks targeting critical infrastructure from the US government have been detected. Among the most prominent targets of these cyberattacks are 70 state and municipal entities, including a serious outbreak of Ryuk ransomware in a small Florida town that forced the local government to pay more than $400k USD in ransom.

Another devastating attack occurred in the city of Baltimore, whose systems were infected with the dangerous RobbinHood ransomware. In this case, officials refused to pay $75k USD in ransom; however, the recovery costs have already exceeded $18 million USD.