March 31, 2016

MedStar Health Hit with Ransomware Attack

MedStar Health, a non-profit organization that runs multiple hospitals, was struck with a malware attack.

Malicious hackers have attacked the computers at MedStar, in a malware attack made public by the FBI and MedStar this week. The Baltimore Sun confirmed the ransomware attacks, citing a doctor at a MedStar hospital in Baltimore.

Using the ransomware, the hackers encrypted the data so that MedStar employees and doctors are unable to access the information. The malware, predictably, offers a decryption key to regain access to the locked data in exchange for a ransom payment.

MedStar operates 10 hospitals along with other facilities in Baltimore and Washington.

A spokeswoman for the nonprofit medical system revealed that access to three critical clinical information systems had been restored. Doctors were also able to regain access to medical records, if only on a read-only basis for now, the spokeswoman added.

We have a bunch of smart IT people working around the clock [to regain access to the data]. Nothing is more important to MedStar Health than the ability to provide patient care.

Samsam Ransomware

The hackers’ ransom note and the hidden website embedded within the ransomware redirect victims to websites identical to those used by a powerful new form of ransomware called Samsam. It is also known as Samas and MSIL.

Security researchers have revealed that the ransomware first appeared in December and is especially destructive because it can infect entire networks instead of targeting individual machines.

MedStar has encouraged patients to call doctors' offices directly as a result of the disruption caused by the ransomware attack, while it concentrates its IT effort on restoring its electronic appointment system.

In a statement, MedStar revealed:

The malicious malware attack has created many inconveniences and operational challenges for our patients and associates. With only a few exceptions, we have continued to provide care approximating our normal volume levels.

The newspaper revealed that the hackers have offered MedStar a bulk decryption discount of three bitcoins to decrypt a single computer. With 15 encrypted computers, that’s 45 bitcoins, or about $19,000, to regain access to all of them.
