Major US Health Organisation Systems Disrupted By Malware

MedStar Health, a non-profit medical services provider in the Washington, DC area, said late on Tuesday it was working to restore “the majority” of its systems following a malware attack on Monday.

MedStar took its systems offline when the malware was discovered early on Monday morning, and they have remained offline for two days, the organisation confirmed.

Reverting to paper

In the meantime, MedStar said it is relying on backup systems including paper documentation.

“After careful assessment, MedStar is working to restore the majority of our systems today,” MedStar said in a statement on its Facebook page late on Tuesday.

The group said it is working with IT security experts and law enforcement officials, with the FBI saying on Monday it was investigating the incident.

MedStar, which operates 10 hospitals and 250 outpatient facilities in Washington, DC and Maryland, is one of the largest medical organisations to date whose functioning has been disrupted by malware.

No indication was given as to the nature of the attack, but a number of health organisations have recently been targeted by ransomware, which encrypts single or multiple systems across a network and then demands payment to unlock them.

‘Services continue’

The organisation said it is continuing to provide medical services and that whether to continue with elective procedures would be determined on a case-by-case basis.

At least some patients at MedStar Washington Hospital Centre were asked to reschedule non-emergency appointments, according to a Reuters report that cited an unnamed MedStar vendor.

As of midday on Tuesday staff were able to view some electronic records but new patient information was still being recorded by hand, according to the report.

The FBI recently called for emergency aid from businesses and IT security organisations in its investigation of a ransomware variant called Samas that targets health organisations and infects multiple systems across a network. Cisco’s Talos IT security group warned last week that Samas had hit a number of companies, with many paying to unlock their systems.

Henderson, Kentucky-based Methodist Hospital declared a state of internal emergency after a ransomware attack last week, while the Hollywood Presbyterian Hospital in Los Angeles last month paid $17,000 (£12,010) to recover access to files encrypted in a separate incident.

Earlier this month security researchers suggested a number of ransomware attacks may have been carried out by hackers who had previously been employed by the Chinese government and were looking for new ways to make money.


Matthew Broersma

Matt Broersma is a long-standing tech freelance who has worked for Ziff-Davis, ZDnet and other leading publications.
