A hospital shut down its network after a ransomware attack restricted authorized personnel access to some of its computer systems.

On 12 January, Hancock Regional Hospital confirmed in a statement that it had suffered a ransomware attack. As quoted by FOX59:

Hancock Regional Hospital has been the victim of a criminal act by an unknown party that attempted to shut down out operations via our information systems by locking our computer network and demanding payment for a digital key to unlock it. Unfortunately this sort of behavior is widespread in the world today, and we had the misfortune to be next on the list. We are working closely with an IT incident response company and national law enforcement. At this time, we are deep into the analysis of the situation and see no indication that patient records have been removed from our network. In addition to excellent performance by our IT Department, our clinical teams have performed exceptionally well, and patient care has not been compromised. Our doors are open at Hancock Regional Hospital.

The Daily Reporter writes that the trouble first started on 11 January when staff noticed the network was running much slower than usual. Not long thereafter, a message appeared on at least one hospital-owned computer’s screen stating that authorized personnel wouldn’t be able to access parts of the Greenfield-based healthcare provider’s systems until it paid a ransom in Bitcoin. The amount of that ransom demand isn’t known at this time.

Hancock Regional’s IT team decided to immediately suspend the hospital’s network while it works with the FBI and a “national IT security company” to determine what happened and how it should respond. Hancock Health CEO Steve Long said the ransomware attack didn’t originate from a malicious email but declined to provide additional comments about its (Read more...)