Hackers Attack Two Chicago Hospitals

Hacker using creative medical interface on blurry background. Medicine and hacking concept.
Photo ID: 243931460 © peshkov/DepositPhotos.com

Last week, two Chicago based hospitals revealed they had been attacked by cybercriminals.

LockBit strikes Saint Anthony Hospital

Saint Anthony Hospital was targeted by LockBit, a prolific ransomware gang, in December. The gang posted the hospital on its leak site on January 31st and demanded to be paid nearly $900,000 to avoid leaking stolen hospital data.

In a statement posted on its website, the hospital stated that “files containing patient information had been copied” by the threat actors on December 18th. While the hospital said it did not know exactly what type of data was stolen, it also said there was no evidence that either its electronic health records system or its financial systems had been breached.

Unknown hackers target Lurie Children’s Hospital

Cyber security and Security password login online,   Alert Email inbox and spam virus with warning caution for notification on internet letter security protect, junk and trash mail and compromised
Photo ID: 682633104 © bananashake2011.hotmail.com/DepositPhotos.com

Lurie Children’s Hospital announced it was experiencing a cyberattack on February 1st. The hospital took its network systems offline in response to the hack. While its “phone, email and electronic systems” are not currently operational, the hospital said it remains open and is instructing patients to come to their appointments. However, recent news reports suggest patients have been unable to do so.

Lurie Children’s Hospital has not reported whether the attack is due to ransomware and no ransomware group has claimed responsibility for the hack. However, some security researchers on social media believe the attack was ransomware related.

The healthcare industry is a target for cyber attacks

Malicious computer programming code in the shape of a skull. Online scam, hacking and digital crime background 3D illustration
Photo ID: 218040398 © solarseven/DepositPhotos.com

Unfortunately, ransomware attacks on the healthcare industry are relatively common. According to data from ecrime.ch, 31 organizations from the healthcare sector have been listed on ransomware data leak sites already this year. Last year, a whopping 335 organizations were listed. The number of successful attacks is likely higher than these figures, however. That’s because organizations are not listed on data leak sites if they cooperate and pay a ransom.

Such attacks on healthcare facilities can have deadly consequences. Researchers have estimated that between 2016 and 2021, 42 to 67 Medicare patients died as of a result of ransomware.

Ransomware attacks also violate patients’ privacy when their personal information is stolen and released on the dark web. The violation is made worse by the fact that information stolen from hospitals can be incredibly sensitive. Last year, for example, ransomware gang AlphV released medical images of breast cancer patients stolen from Lehigh Valley Health Network and referred to them as “nude photos” on its data leak site.

Unfortunately, there is very little patients can do to protect themselves from the fallout of hospital cyber attacks. And ransomware gangs will continue to target hospitals for as long as it is profitable to do so.

Leave a Comment

Your email address will not be published. Required fields are marked *