Another US hospital has had its records scrambled by ransomware trying to extort money from the sawbones. This time: it's the Methodist Hospital in Kentucky that's been infected.
"We've notified the FBI, we're dealing with federal authorities on how to deal with it," the hospital's chief operating officer David Park told local station News Channel 10. "Depending upon the number of records that were locked, depends upon whether we're going to consider looking into whether we pay anything or not."
The hospital reported that patients' files had been copied, encrypted, and then the originals deleted. The hospital says that its backups are up to date and accessible, so it’s keeping calm and carrying on.
The cyber-outbreak follows a pattern of ransomware scum going after hospitals, where locking up a patients' information is a life or death issue. Last month, the Hollywood Presbyterian Medical Center paid malware operators $11,900 to get their documents back, and similar attacks have been reported in a dozen healthcare facilities worldwide.
At the RSA Conference in San Francisco this month, Caleb Barlow, VP at IBM Security, told El Reg that medical data is the new goldmine among hackers who were previously infiltrating sales registers.
A stolen and authenticated credit card number is worth a few dollars online, he said, but full medical records that can be used for insurance fraud are much more valuable. Barlow cited a case where an IBM staffer had had to physically go to his insurer’s offices to prove there was no operation scar to get a refund on a $20,000 fraudulent bill.
It seems that the Methodist Hospital has the tools to defeat this attack: continuous and reliable backup and an IT department that knows what it’s doing. But with the success of the Hollywood operation, copycats are bound to follow.
"In the past, we haven't seen crimes in such a large scale like Methodist," said Kentucky State Police trooper Shane Settle. "In general, the more a criminal commits a crime, the more confident they get, especially if they get away with it. I think that's what you're seeing here is they are shooting for a much larger target and more money." ®
Stop press: We've learned that at least two more US hospitals have been hit by ransomware: the Chino Valley Medical Center and the Desert Valley Hospital in California have also been infected.