Major US Health Organisation Systems Disrupted By Malware

MedStar Health, a non-profit medical services provider in the Washington, DC area, said late on Tuesday it was working to restore “the majority” of its systems following a malware attack on Monday.

MedStar took its systems offline when the malware was discovered early on Monday morning, and they have remained offline for two days, the organisation confirmed.

Reverting to paper

In the meantime, MedStar said it is relying on backup systems including paper documentation.

“After careful assessment, MedStar is working to restore the majority of our systems today,” MedStar said in a statement on its Facebook page late on Tuesday.

The group said it is working with IT security experts and law enforcement officials, with the FBI saying on Monday it was investigating the incident.

MedStar, which operates 10 hospitals and 250 outpatient facilities in Washington, DC and Maryland, is one of the largest medical organisations to date whose functioning has been disrupted by malware.

No indication was given as to the nature of the attack, but a number of health organisations have recently been targeted by ransomware, which encrypts single or multiple systems across a network and then demands payment to unlock them.

‘Services continue’

The organisation said it is continuing to provide medical services and that whether to continue with elective procedures would be determined on a case-by-case basis.

At least some patients at MedStar Washington Hospital Centre were asked to reschedule non-emergency appointments, according to a Reuters report that cited an unnamed MedStar vendor.

As of midday on Tuesday staff were able to view some electronic records but new patient information was still being recorded by hand, according to the report.

The FBI recently called for emergency aid from businesses and IT security organisations in its investigation of a ransomware variant called Samas that targets health organisations and infects multiple systems across a network. Cisco’s Talos IT security group warned last week that Samas had hit a number of companies, with many paying to unlock their systems.

Henderson, Kentucky-based Methodist Hospital last week declared a state of internal emergency after a ransomware attack, while the Hollywood Presbyterian Hospital in Los Angeles last month paid $17,000 (£12,010) to recover access to files encrypted in a separate incident.

Earlier this month security researchers suggested a number of ransomware attacks may have been carried out by hackers who had previously been employed by the Chinese government and were looking for new ways to make money.


Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications
