Pierluigi Paganini October 13, 2019

An Alabama hospital chain announced to have restored normal operation after paying the ransom request by crooks that infected its systems with ransomware.

A hospital chain in west Alabama was recently hit by a ransomware attack that paralyzed its systems. The organization opted out to pay the ransom and announced to have restored normal operation.

The hospital chain hasn’t revealed the amount it has paid to the crooks to decrypt the data, it seems that an insurance covered the cost.

Recently I reported that several hospitals and health service providers from the U.S. and Australia were hit by ransomware attacks that forced the administrators to shut part of their IT infrastructure. At the time, a joint press release published by the affected hospitals, the DCH Regional Medical Center, Northport Medical Center, and Fayette Medical Center from West Alabama’s Tuscaloosa, Northport, and Fayette, revealed that the infrastructures had limited access to their computing systems.

“The DCH Health System said its hospitals in the west Alabama cities of Tuscaloosa, Northport and Fayette resumed admitting patients Thursday, and its imaging and patient scheduling services were going back online Friday.” reads the post published by the Associated Press.

The operations at the hospitals were severely impacted for 10 days during which the hospitals kept treating people, but new patients were sent to other hospitals in Birmingham or Mississippi.

“We had to gain access to our system quickly and gain the information it was blocking,” chief operating officer Paul Betz told a news conference. “As time goes by, and we determine the full impact of this, we will be very grateful we had cyber insurance in place.”

The systems at the hospitals have been infected with a variant of the Ryuk ransomware, internal staff reverted to using paper files.

“A statement from the system said workers were still restoring some nonessential systems including email and were trying to get programs operating at full speed.” continues the post.

The three hospitals admitted more than 32,000 patients last year.

A few weeks ago, the Campbell County Memorial Hospital in Gilette, Wyoming was hit by a ransomware attack on its computer systems that caused service disruptions.

Recently several US cities have suffered ransomware attacks, in August at least 23 Texas local governments were targeted by coordinated attacks.

Some cities in Florida were also victims of hackers, including Key Biscayne, Riviera Beach and Lake City. In June, the Riviera Beach City agreed to pay $600,000 in ransom to decrypt its data after a ransomware-based attack hit its computer system. A few days later, Lake City also agreed to pay nearly $500,000 in ransom after a ransomware attack.

In July 2018, another Palm Beach suburb, Palm Springs, decided to pay a ransom, but it was not able to completely recover all its data.

In March 2019, computers of Jackson County, Georgia, were infected with ransomware that paralyzed the government activity until officials decided to pay a $400,000 ransom to decrypt the files.

Health organizations weren’t spared either, LabCorp and Hancock Health being only two of the most recently affected.

Pierluigi Paganini

(SecurityAffairs – hospitals, ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]