Skip to main content

Ransomware plagues Kentucky hospital, forces total system shutdown

kentucky hospital subjected to ransomware hacker keyboard
In yet another large-scale ransomware attack, Henderson, Kentucky-based Methodist Hospital has announced an “internal state of  emergency,” according to Krebs on Security, after numerous files on its computer systems were savaged by encryption. The way ransomware works, all of the documents involved will be held for ransom, awaiting the hospital’s payment, hence the name.

As reported by the hospital’s information systems director Jamie Reid, the ransomware in question is “Locky,” which left thousands of Microsoft Office customers at risk just last month.

Related Videos

The way it works is this: The malware locks away your files, including pictures and documents, encrypting them on an infected host, and proceeds to erase the originals. Those attacked then have the option to either pay a handsome fee to the perpetrator, or alternatively, they can restore the original files from a backup, assuming it’s not on the same network as the computer in peril.

In regards to Methodist Hospital specifically, the ransomware attempted to move from one computer system to an entire network, and in turn, ended up compromising a number of different systems. As a result, the hospital was basically forced into shutting down every computer on the network, reinstating them one by one after individually vetting them for symptoms of infection.

“We have a pretty robust emergency response system that we developed quite a few years ago,” boasted David Park, an attorney for the Kentucky healthcare center, “and it struck us that as everyone’s talking about the computer problem at the hospital maybe we ought to just treat this like a tornado hit, because we essentially shut our system down and reopened on a computer-by-computer basis.”

Unlocking the files by way of ransom would set the hospital back a total of four bitcoins, equating to $1,600 in US dollars.

The hospital has yet to determine a plan on responding to the threat.

“We haven’t yet made [a] decision on that, we’re working through the process,” Park explained. “I think it’s our position that we’re not going to pay it unless we absolutely have to.” As a result of the virtual onslaught, the biggest concern, Park added, is that all operations are now handled on paper as the hospital awaits a final verdict.

“We have downtime procedures to going to paper system anyway, so we went to that paper system,” he admitted. “But we don’t feel like it negatively impacted patient care. They didn’t get any patient information.”

Let’s hope the hospital finds a workaround promptly, as giving the ransomware attackers exactly what they asked for could expose other similar institutions to additional attacks.

Editors' Recommendations

This game lets hackers attack your PC, and you don’t even need to play it
Genshin Impact characters.

Hackers have been abusing the anti-cheat system in a massively popular game, and you don't even need to have it installed on your computer to be affected.

The game in question is called Genshin Impact, and according to a new report, hackers are able to utilize the game's anti-cheat measures in order to disable antivirus programs on the target machine. From there, they're free to conduct ransomware attacks and take control of the device.

Read more
Ransomware victims are refusing to pay — but is it working?
A depiction of a hacked computer sitting in an office full of PCs.

A new report has highlighted how ransomware payments to hackers have begun to slow down, with victims continuously opting to not cave in to demands.

Coveware, a company that provides ransomware decryption services, revealed some interesting analytics relating to the state of ransomware during the second quarter of 2022.

Read more
This anti-hacker group helps you escape ransomware for free
A depiction of a hacked computer sitting in an office full of PCs.

This week marks the sixth anniversary of the No More Ransom project, an initiative aimed at helping ransomware victims.

Operating as an online platform to help anyone who’s experiencing trouble after their system has been infected by some form of ransomware, No More Ransom was formed as a joint venture between law enforcement (Europol and the Dutch National Police) alongside IT security firms (Kaspersky and McAfee).

Read more