More hospitals hit by ransomware as feds warn about cyberattacks
A recent wave of ransomware attacks has infected more hospitals than previously known, including a University of Vermont network with locations in New York and Vermont.
The University of Vermont Health Network is analyzing what appears to be a ransomware attack from the same cybercrime gang that has infected at least three other hospitals in recent weeks, according to two sources familiar with the investigation who weren’t authorized to comment about it before it is complete.
Several federal agencies warned Wednesday of “an increased and imminent cybercrime threat” to the country’s health care providers, particularly from a gang that uses a strand of ransomware called Ryuk. The U.S. has repeatedly hit record highs for daily confirmed coronavirus infections.
The FBI and the Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security, sent an updated alert Thursday night with new technical information, adding that they have “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.”
As many as 20 medical facilities have been hit by the recent wave of ransomware, said a person with knowledge of the matter, who spoke on the condition of anonymity because they weren’t authorized to speak publicly. The figure includes multiple facilities within the same hospital chain.
Three other hospital chains have recently confirmed cyberattacks, believed to be ransomware, by the same gang: the Sky Lakes Medical Center, with 21 locations in Oregon; Dickinson County Healthcare System in Michigan and Wisconsin; and the St. Lawrence Health System in northern New York. It was not clear how much of their systems or how many locations had been hit by the ransomware.
Tom Hottman, a spokesperson for Sky Lakes Medical Center, confirmed that the company had been infected with Ryuk and said its computers were inaccessible, halting radiation treatments for cancer patients.
“We’re still able to meet the care needs for most patients using work-around procedures, i.e. paper rather than computerized records. It’s slower but seems to work,” he said in an email.
Joe Rizzo, a spokesperson for Dickinson, said in an email that their hospitals and clinics are using paper copies for some services because computer systems are down.
Rich Azzopardi, senior adviser to New York Gov. Andrew Cuomo, said the state’s Division of Homeland Security and Emergency Services and other groups had been in communication about the St. Lawrence attack.
Details about a major wave of ransomware attacks on U.S. hospitals began to emerge at the end of September when computer systems for Universal Health Services, one of the biggest hospital chains in the country, were hit, forcing some doctors and nurses to use pen and paper to file patient information. Jane Crawford, the chain’s director of public relations, said in an email at the beginning of October that no one had died because of the attack.
Ransomware attacks often gain access to secure systems and then encrypt files. The people behind the attacks then demand money to decrypt the files.
Ryuk is transmitted through