Three U.S. hospitals were hit hard this week by “ransomware” attacks that brought down their systems — the latest providers of medical care to be targeted in this way.
The servers for Chino Valley Medical Center and Desert Valley Hospital, both in California, were running normally again by Wednesday after the attack.
Ransomware is a strain of malware that encrypts data on infected machines, then typically asks users to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can retrieve their data.
“The malware disruption did not impact patient safety or compromise patient records, staff records or patient care,” said Fred Ortega, a spokesperson for Prime Healthcare Management, which represents both Chino Valley and Desert Valley.
The state’s Department of Public Health as well as federal law enforcement agencies are coordinating an investigation into the malware attack. As of Wednesday, most systems had been brought back online, Ortega said.
A third hospital, Methodist Hospital in Kentucky, also fell victim to a ransomware attack this week, reported cybersecurity journalist Brian Krebs. The hospital’s information systems director told Krebs that a type of ransomware called “Locky” was to blame. The hospital did not immediate return calls from NBC News.
According to Symantec Security, the ransomware program Locky spreads through spam email campaigns, many of which are disguised as invoices.
“Word documents containing a malicious macro are attached to these emails. If this macro is allowed to run, it will install Locky onto the victim’s computer,” according to Symantec.
In February, a Los Angeles hospital forked over $17,000 to hackers that took out its computer network.
by Connor Mannion