Ransomware? The UHS hospital chain victim of a cyberattack
The trail of the cyberattack by ransomware holds the cord for the incident which undermines the information system of the chain of ‘UHS hospitals in the United States.
The chain of hospitals Universal Health Services (UHS) claims to be the victim of a security incident for its computer system. It affects corporate-run healthcare facilities in the United States. To deal with this, UHS has notably suspended user access to its computer applications.
UHS specifies temporary disruptions for “ certain aspects of clinical and financial operations. ” The company points out that establishments have initiated fallback procedures, including “ offline documentation methods. ” This bodes well for a return to manual methods, with paper and pencil.
UHS ensures that patient care continues to be delivered in a “ safe and efficient ” manner, and adds that there is “ no evidence that patient or employee data has been” consulted, copied or misused. “
Testimonies collected by the Associated Press are not, however, so reassuring. They describe the anxiety of the nursing staff with extended waiting times for emergencies, care and monitoring devices that had to be restarted, communication difficulties and access to test results.
Universal Health Services does not specify the nature of the computer incident. Based on employee testimony obtained by BleepingComputer , it is believed to be a Ryuk ransomware attack. Computer files have been renamed with an .ryk extension.
The cyberattack is said to have started with phishing to deploy the Emotet and TrickBot Trojans. Emotet is particularly well known for being a modular infrastructure as a service for delivering malicious payloads, including ransomware.
According to Check Point, Ryuk was discovered in mid-2018. “ We have seen an increase in Ryuk’s activities since July 2020. ” Check Point reports about 20 organizations attacked per week, including health organizations. “ These organizations often have no choice but to pay the ransom demanded to continue saving lives, especially in these pressing times due to the Covid-19 pandemic. ”
Recently, German authorities reported a ransomware attack that mistakenly targeted a university hospital and indirectly killed a woman.