Now Reading
New Type Of Ransomware Strikes Kentucky Hospital

New Type Of Ransomware Strikes Kentucky Hospital

by Elliot MarasMarch 28, 2016

Methodist Hospital in Henderson, KY, declared a state of emergency after encryption-based ransomware infected its computer systems, according to Tech Times. The perpetrators demanded four bitcoins which is equal to about $1,600 in exchange for providing the hospital a key to enable access to the locked files.

The attackers used a new type of ransomware called Locky, which encrypts the files and then deletes the original versions. The hospital shut down its working computers temporarily to prevent further infection, scanned them for encryption, then restored them once it was determined they were not infected.

To regain access to files encrypted with Locky malware, it is necessary to either restore the file from a backup or pay the ransom. It is possible to restore the file if the backup does not exist on a network that someone can access from an infected PC.

Attack Lasts Five Days

The attack began Friday, March 18, and lasted five days, according to HealthcareITNews. The hospital declared an internal state of emergency and posted this to their website:

“Methodist Hospital is currently working in an Internal State of Emergency due to a Computer Virus that has limited our use of electronic web based services. We are currently working to resolve this issue, until then we will have limited access to web-based services and electronic communications.”

Paying Ransom a Last Resort

David Park, an attorney for the hospital, said any decision to pay the ransom depended on how many records were locked. He said paying the ransom would be the last resort.

The hospital website had no mention of the attack on its website today.

When Hacked contacted the hospital today, Sunday, to ask about the attack, the receptionist said no one was available for comment. The receptionist volunteered that the hospital probably would not provide any further information about the incident.

The attackers sent spam mail that referred to invoices calling for recipients to open an attached file, according to KrebsOnSecurity.

The FBI is investigating the attack but declined to comment. In a January report, the FBI said there has been an increase in ransomware attacks recently against institutions and businesses.

Also read: German hospitals targeted in ransomware-based crime

Ransomware Attacks Against Hospitals Rising

Hollywood Presbyterian Medical Center in Los Angeles suffered a similar attack, CCN reported last month. In that attack, hospital executives paid $17,000 worth of bitcoin to hackers, according to HealthcareITNews.

Last week, attackers disabled four computers at Ottawa Hospital. Officials said they did not pay the ransom since they had the data backed up.

The Institute for Critical Infrastructure Technology noted that in 2016, ransomware will “wreak havoc” on the country’s infrastructure community since it has become so prevalent. The report said criminals are using price calculations and social engineering to target low-risk, high-reward victims.

Featured image from Shutterstock.

Advertised sites are not endorsed by us. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
What's your reaction?
Love it
Hate it
  • Steve-o

    How can a hospital – or any organization – be in place without good backups? We’ve had several customers get hit with this virus, it’s inconvenient but not a disaster. Delete encrypted files, recover from backups, move on.

  • They declared a state of emergency over $1,600??? Is this a joke? Their are people who do not pay their bills that are in the hundreds of thousands of dollars. Do they also declare a State of Emergency over those as well? -lol
    Grown up childish brats. If they paid the $1,600 like the FBI told them to do. They would have their files in 10 minutes. While i normally do not condone ransomware use, especially against individuals. In this case with the way this corporation is over reacting. I’d say they deserve it. Whoever did this, should double their asking amount.
    Besides, i do not think a Hospital corporation can even declare a legitimate State of Emergence. That is up to the State to do me thinks lol.
    If they want to prevent this in the future. Simply use Kaspersky protection for Corporation, small business or home.