It is now confirmed, The MedStar Hospital Chain was hit with ransomware and has received a digital ransom note. A Baltimore Sun reporter has seen a copy of the cybercriminal's demands. Here is a TV Clip.
"The deal is this: Send 3 bitcoins — $1,250 at current exchange rates — for the digital key to unlock a single infected computer, or 45 bitcoins — about $18,500 — for keys to all of them."
As of 4 p.m. EDT Wednesday, the Sun reported that no payment had been made, nor have the cyber attackers delivered the key to the specified digital wallet on the “dark web.” This is unlike the Hollywood Presbyterian Hospital which did fork over the ransom a few days ago.
Ann Nickels, a spokeswoman for the nonprofit MedStar medical system, said Wednesday that its three main clinical information systems had been restored, and that doctors were able to access medical records on at least a read-only basis. Nickels said MedStar was getting close to restoring the whole system from backups. She declined to say when the work would be complete but they are close.
"We have bunch of smart IT people working around the clock," Nickels said. "Nothing is more important to MedStar health than the ability to provide patient care." Right. But look at the massive damage just caused by the downtime.
The hackers' ransom note and the TOR website it directs victims to are practically identical to those that computer security analysts say are associated with a powerful new form of ransomware known as Samas or Samsam, which we first warned against here.
Why are hospitals the perfect targets for ransomware?
I was just interviewed in WIRED magazine about this (here is the article) it's a "perfect storm" kind of scenario which is very unfortunate. Personal health information is like gold to cybercriminals so it's highly sought after, hospitals are likely to pay ransom just to keep operations running smoothly and most health care workers have inadequate, if any, proper security awareness training. Since hospitals are under attack, ALL users should be stepped through effective security awareness training. We are creating a special short anti-ransomware training module especially for hospitals that need to defend their networks against these social engineering attacks.
Right now, this is a problem for everyone. You are invited to find out how affordable this is for your own organization. You'll be pleasantly surprised!