DCH Hospital System Pays Off Hackers for Ransomware Decrpytion Key

Three facilities in Alabama and several in Australia have been impacted by this latest round of ransomware.

DCH Hospital System Pays Off Hackers for Ransomware Decrpytion Key

Photo: Think Stock

October 7 Update:  DCH Health System hospitals in west Alabama, the latest hospital system to be a victim of ransomware attacks, paid the ransom on Saturday, which enabled DCH to get the decryption key to unlock its computer systems, reports Tuscaloosa News. DCH officials have not revealed the amount that was paid.

It is believed that DCH’s three hospitals were infected with Ryuk ransomware, reports Bleeping Computer.  Ryuk is a particularly nasty version of ransomware that is delivered via a sophisticated, multi-stage attack, which paralyzes organizations, reports SophosLabs. To increase the likelihood of payment, the hackers that deploy Ryuk typically attack organizations that can’t withstand any downtime.

A cybersecurity firm believes the hackers responsible for this attack are from Russia, reports the Alabama Political Reporter.

Ransomware attacks have forced several hospitals in the United States and Australia to completely close or have shut down some of their systems.

Three DCH Health System hospitals in west Alabama have been affected by Tuesday’s ransomware attack and have implemented emergency procedures to ensure operations continue should computers not be available, according to a press release posted on DCH’s website. Despite these emergency procedures, DCH Regional Medical Center, Northport Medical Center and Fayette Medical Center are closed to all but the most critical new patients. Staff is caring for the patients who are currently in the hospital, and DCH Health Systems has no plans to transfer current patients.

A ransom demand has not been received by DCH yet.

In Australia, multiple hospitals and health services from southwest Victoria and Gippsland have lost access to several IT systems, reports BleepingComputer.com. Some have gone into manual operation mode.

“The cyber incident, which was uncovered on Monday, has blocked access to several systems by the infiltration of ransomware, including financial management,” the Victorian Government said in a statement. “Hospitals have isolated and disconnected a number of systems such as internet to quarantine the infection.”

The Australian attack has affected patient record, booking and management systems.

Only a few weeks ago, Campbell County Health experienced a ransomware attack that disrupted many of its services and made patient care difficult. During the attack, all 1,500 of the Wyoming hospital’s computers were affected.

On September 18, Wood Ranch Medical in Simi Valley, Calif., notified patients that it had experienced a ransomware attack on August 10. As a result of the attack, the facility was unable to restore patients’ healthcare records and announced it will be closing in December.

Last November, East Ohio Regional Hospital and Ohio Valley Medical Center fell victim to ransomware attacks. Fortunately for both facilities, quick responses and strong security defenses resulted in little impact on the hospitals, who refused to pay the cyber attacker’s ransom.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author

robin hattersley headshot

Robin has been covering the security and campus law enforcement industries since 1998 and is a specialist in school, university and hospital security, public safety and emergency management, as well as emerging technologies and systems integration. She joined CS in 2005 and has authored award-winning editorial on campus law enforcement and security funding, officer recruitment and retention, access control, IP video, network integration, event management, crime trends, the Clery Act, Title IX compliance, sexual assault, dating abuse, emergency communications, incident management software and more. Robin has been featured on national and local media outlets and was formerly associate editor for the trade publication Security Sales & Integration. She obtained her undergraduate degree in history from California State University, Long Beach.

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety HQ