Alabama hospitals chain resume operations after ransomware paying ransom payment. The operations are back to normal 10 days and the hospitals start treating people.
Ten hospitals, three in Alabama and seven in Australia are frozen with a ransomware attack, and the operations are down for more than 10 days.
“A criminal is limiting our ability to use our computer systems in exchange for an as-yet-unknown payment,” DCH representatives wrote in a release. “Our hospitals have implemented our emergency procedures to ensure safe and efficient operations in the event technology dependent on computers is not available.”
Hospitals isolated the affected machine to stop the flow of attack and the hospital spokesperson said no patient records were accessed.
According to the Apnews report, the hospitals in the west Alabama cities of Tuscaloosa, Northport, and Fayette started admitting patients.
The hospital said that attackers frozen the hospital’s computer systems using Ryuk ransomware, all the files have been encrypted.
The company didn’t reveal how much ransom amount was paid to regain access to the systems, according to hospital spokesperson the insurance covered the ransom payment. Generally, the Ryuk ransomware payment varies among the victims ranging between 15 BTC to 50 BTC.
Ryuk ransomware also known as targeted ransomware, this ransomware will not be distributed through mass spam campaigns, they are used exclusively in targeted attacks.
Once the encryption completed it creates a file named RyukReadMe.txt, which shows the contact email address and BTC address for payment.
The ransomware gain’s its popularity at the end of December 2018, it targets victims of different industries including logistics, technology companies, healthcare as well as small municipalities.
It is capable of stealing information and to encrypt files on the disk. the threat actors behind Ryuk ransomware combine multiple advanced attack techniques to penetrate the network.