Ransomware Paralyzes Ky. Hospital’s Network for 5 Days

Predictions of a growing ransomware threat in healthcare are being confirmed one cyber attack at a time.

A hospital in Kentucky became the latest healthcare facility to experience a major disruption to its operations following a ransomware attack this week.

Officials at Methodist Hospital in Henderson say they have restored their network after declaring an “Internal State of Emergency” on March 18.

The hospital joins a growing line of healthcare facilities that have been victimized by ransomware attacks in recent weeks. Ransomware occurs when a hacker encrypts files on a computer network and demands money to make them accessible again.

In the case of Methodist Hospital, administrators are insisting they didn’t pay the four-bitcoin ransom demanded by the hacker (or $1,600 dollars), according to krebsonsecurity.com. Still, few details have been released about how they restored their system.

Following in the footsteps of other hospitals, Methodist consulted with the FBI. Agents with the FBI continue to investigate the cyberattack.

The ransomware virus, which commonly comes in the form of an email attachment, initially infected one computer before spreading to other systems on the hospital’s network.

“We have a pretty robust emergency response system that we developed quite a few years ago, and it struck us that as everyone’s talking about the computer problem at the hospital, maybe we ought to just treat this like a tornado hit, because we essentially shut our system down and reopened on a computer-by-computer basis,” David Park, the hospital’s attorney, said.

Staff members at the hospital had been communicating and processing information through handwritten notes in the days following the attack. The hospital’s back up system was also being relied on for certain actions.

Methodist Hospital COO David Park said officials were going to exhaust all options before paying the ransom, according to Healthcare IT News. “Depending upon the number of records that were locked, depends upon whether we’re going to consider looking into whether we pay anything or not,” Park said.

Campus Safety had previously reported on a ransomware attack at Hollywood Presbyterian Medical Center that was resolved only when the hospital paid the hacker $16,664 to restore its system. A hospital in Germany will be working to restore its system until the summer after it was the victim of a ransomware attack on Feb. 17.

Similarly, multiple cybersecurity reports have recently emphasized the vulnerability of hospitals to cyberattacks.

Read Next: Canadian Hospital Effectively Responds to Ransomware Attack

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author


Zach Winn is a journalist living in the Boston area. He was previously a reporter for Wicked Local and graduated from Keene State College in 2014, earning a Bachelor’s Degree in journalism and minoring in political science.

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Get Our Newsletters
Campus Safety Conference promo