Ransomware virus shuts down a hospital for 5 days. All surgeries computers blocked

Over the past year there has been a significant increase in the number of ransomware attacks against hospitals and clinical laboratories in the US and, apparently, the trend will continue in 2020. A few days ago, local media reported a cybersecurity incident that would have affected operations at Hackensack Meridian Health, New Jersey’s largest hospital; days later, management confirmed the encryption malware infection.  

“We chose to wait until we confirm the ransomware attack to issue an official statement,” the hospital’s staff says. “Major clinical systems work as usual as our IT teams are working to restore 100% our applications.” Hospital officials also said there is no indication that workers’ or patients’ personal information was compromised during the incident.

The attack disrupted normal hospital operations in various areas, mainly billing, laboratory and radiology systems, said a cybersecurity researcher who is collaborating in the incident recovery process.

Although to a lesser extent, the attack also had repercussions on at least one hundred surgeries scheduled at the hospital, which had to be rescheduled. Hospital officials said that, as those are minor surgeries, their postponement did not compromise the integrity of patients. “We apologize for any inconvenience caused to our patients,” adds the statement, “Your security remains our priority.”

Regarding the recovery process, Hackensack Meridian mentioned that the hospital has a cybersecurity incident protection insurance policy, so the insurer company covered most of the ransom amount. Hospital management refused to disclose the amount paid to hackers to regain access to their systems.

Ransomware infections remain one of the most common attack vectors. The International Institute of Cyber Security (IICS) mentions that, during 2019, at least 700 health institutions were attacked with encryption malware, compromising operations and data storage systems, including clinical histories, diagnostics, prescriptions, laboratory results, as well as personal information. In addition to hospitals, public schools, local government institutions and retail vendors have become the main targets of ransomware attacks; the large number of existing malware variants and the emergence of platforms known as ransomware-as-a-service have also contributed to the rampant increase of this malicious practice.