March 31, 2016 by

MedStar Health Hit with Ransomware Attack

 MedStar Health, a non-profit organization that runs multiple hospitals was struck with a malware attack.

Malicious hackers have attacked the computers at MedStar, a malware attack made public by the FBI and MedStar this week. The Baltimore Sun confirmed the ransomware attacks, citing a doctor at a MedStar hospital in Baltimore.

With the ransomware, the hackers have proceeded to encrypt the data in a way that MedStar employees and doctors are unable to gain access to the information. The malware attack, predictably offers a decrypt key to regain access to the locked data, in exchange for a ransom payment.

MedStar operates 10 hospitals along with other facilities in Baltimore and Washington.

A spokeswoman for the nonprofit medical system revealed that access to three critical clinical information systems had been restored. Doctors were also able to regain access to medical records, if only in a read-only basis for now, the spokeswoman added.

We have a bunch of smart IT people working around the clock [to regain access to the data]. Nothing is more important to MedStar health than the ability to provide patient care.

Samsam Ransomware

The hackers’ ransom note and the hidden website embedded within the ransomware redirects victims to websites identical to those used by a new form of powerful ransomware called Samsam. It is also known as Samas and MSIL.

Security researchers have revealed that the ransomware first appeared in December and is suitably destructive because of its ability to infect entire networks, instead of targeting individual machines.

MedStar has encouraged patients to call doctor offices directly as a result of the disruption caused by the ransomware attack, while it concentrates its IT effort to restore its electronic appointment system.

In a statement, MedStar revealed:

The malicious malware attack has created many inconveniences and operational challenges for our patients and associates. With only a few exceptions, we have continued to provide care approximating our normal volume levels.

The newspaper revealed that the ill-intending hackers have offered MedStar a bulk decryption discount of three bitcoins to decrypt a single computer. With 15 encrypted computers, that’s 45 bitcoins, about $19,000 to regain access to all of them.

 Image credit: Wikimedia.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

26% of Ransomware Attacks Target Corporate Businesses

New research from Kaspersky Lab has revealed that the number of ransomware attacks targeting...

Read more arrow_forward

Ransomware Payments to Hit a Record $2 Billion in 2017: Research

According to new research from a cybersecurity firm, ransomware payments will hit a high of $2...

Read more arrow_forward

UK Govt Blames North Korea for WannaCry Ransomware CyberAttack

  The UK government has blamed North Korea for WannaCry - the comprehensive ransomware...

Read more arrow_forward