Ransomware has found another high profile hospital to victimise. The Methodist Hospital in Kentucky USA has declared an internal state of emergency as it has completely shut down its computers and web based service to contain the spread of the Locky crypto-ransomware.
Methodist Hospital’s information systems director says that the malware entered the computer system as an attachment to a spam email. From there, it attempted to spread across the network and infect as many systems as possible. Fortunately, the problem was detected early and the hospital is in the process of bringing systems back one at a time.
Unfortunately, several computers were locked by the malware before they could be shut down. The hospital is currently working with the FBI to determine the best course of action, but has not ruled out simply paying the ransom of four Bitcoin (which translates into about RM6600).
Ransomware is generally opportunistic, and it doesn’t appear that hospitals are being specifically targeted. Unfortunately, the amount of damage that can be done is magnified several times when health care institutions fall victim to the scam. A Hollywood hospital suffered significantly more damage than the Kentucky Methodist Hospital, although it managed to negotiate with the cybercriminals to reduce the amount that would need to be paid.
Security expert Brian Krebs warns that future ransomware could become more targeted as cybercriminals mature. This could lead to criminals taking time to figure out how much the data they are holding ransom is really worth.
[Source: Krebs On Security]