Last week, two Chicago based hospitals revealed they had been attacked by cybercriminals.
LockBit strikes Saint Anthony Hospital
Saint Anthony Hospital was targeted by LockBit, a prolific ransomware gang, in December. The gang posted the hospital on its leak site on January 31st and demanded to be paid nearly $900,000 to avoid leaking stolen hospital data.
In a statement posted on its website, the hospital stated that “files containing patient information had been copied” by the threat actors on December 18th. While the hospital said it did not know exactly what type of data was stolen, it also said there was no evidence that either its electronic health records system or its financial systems had been breached.
Unknown hackers target Lurie Children’s Hospital
Lurie Children’s Hospital announced it was experiencing a cyberattack on February 1st. The hospital took its network systems offline in response to the hack. While its “phone, email and electronic systems” are not currently operational, the hospital said it remains open and is instructing patients to come to their appointments. However, recent news reports suggest patients have been unable to do so.
Lurie Children’s Hospital has not reported whether the attack is due to ransomware and no ransomware group has claimed responsibility for the hack. However, some security researchers on social media believe the attack was ransomware related.
The healthcare industry is a target for cyber attacks
Unfortunately, ransomware attacks on the healthcare industry are relatively common. According to data from ecrime.ch, 31 organizations from the healthcare sector have been listed on ransomware data leak sites already this year. Last year, a whopping 335 organizations were listed. The number of successful attacks is likely higher than these figures, however. That’s because organizations are not listed on data leak sites if they cooperate and pay a ransom.
Such attacks on healthcare facilities can have deadly consequences. Researchers have estimated that between 2016 and 2021, 42 to 67 Medicare patients died as of a result of ransomware.
Ransomware attacks also violate patients’ privacy when their personal information is stolen and released on the dark web. The violation is made worse by the fact that information stolen from hospitals can be incredibly sensitive. Last year, for example, ransomware gang AlphV released medical images of breast cancer patients stolen from Lehigh Valley Health Network and referred to them as “nude photos” on its data leak site.
Unfortunately, there is very little patients can do to protect themselves from the fallout of hospital cyber attacks. And ransomware gangs will continue to target hospitals for as long as it is profitable to do so.