MedStar Health Hit with Ransomware Attack

 MedStar Health, a non-profit organization that runs multiple hospitals was struck with a malware attack.

Malicious hackers have attacked the computers at MedStar, a malware attack made public by the FBI and MedStar this week. The Baltimore Sun confirmed the ransomware attacks, citing a doctor at a MedStar hospital in Baltimore.

With the ransomware, the hackers have proceeded to encrypt the data in a way that MedStar employees and doctors are unable to gain access to the information. The malware attack, predictably offers a decrypt key to regain access to the locked data, in exchange for a ransom payment.

MedStar operates 10 hospitals along with other facilities in Baltimore and Washington.

A spokeswoman for the nonprofit medical system revealed that access to three critical clinical information systems had been restored. Doctors were also able to regain access to medical records, if only in a read-only basis for now, the spokeswoman added.

We have a bunch of smart IT people working around the clock [to regain access to the data]. Nothing is more important to MedStar health than the ability to provide patient care.

Samsam Ransomware

The hackers’ ransom note and the hidden website embedded within the ransomware redirects victims to websites identical to those used by a new form of powerful ransomware called Samsam. It is also known as Samas and MSIL.

Security researchers have revealed that the ransomware first appeared in December and is suitably destructive because of its ability to infect entire networks, instead of targeting individual machines.

MedStar has encouraged patients to call doctor offices directly as a result of the disruption caused by the ransomware attack, while it concentrates its IT effort to restore its electronic appointment system.

In a statement, MedStar revealed:

The malicious malware attack has created many inconveniences and operational challenges for our patients and associates. With only a few exceptions, we have continued to provide care approximating our normal volume levels.

The newspaper revealed that the ill-intending hackers have offered MedStar a bulk decryption discount of three bitcoins to decrypt a single computer. With 15 encrypted computers, that’s 45 bitcoins, about $19,000 to regain access to all of them.

 Image credit: Wikimedia.