- MedStar Health Inc., one of the largest medical service providers in the U.S. capital region, was crippled by a virus on Monday.
- The attack on MedStar took down an entire network of hospitals in one swoop. MedStar operates 10 hospitals in Maryland and Washington, employs 30,000 staff and has 6,000 affiliated physicians.
- As of Tuesday evening, hospital staff could not update patient records in the central database, but it could read them, according to a MedStar spokeswoman. Other systems remained down.
The FBI said it was investigating the attack, which kept MedStar Health Inc.’s network down for a second day Tuesday. Some suspect it was a ransomware attack, but the hospital has refused ro characterize the event as a ransomware attack.
One employee sent the Washington Post an image of a ransom note that popped up onto computer screens. The note demanded 45 bitcoins, which is equivalent to $19,000 in exchange for a digital key so that network could regain access to the data.
Ann Nickels, MedStar’s spokesperson, said patient care was not affected, but some patients were turned away or treated without records, according to a Washington Post report.
Cyberattacks on hospitals have recently become more common. In February, a ransomware attack on Hollywood Presbyterian Medical Center in Los Angeles shut down the hospital’s IT infrastructure, locking the staff out of their systems. The hospital had to pay the hackers 40 bitcoins, equivalent to $17,000, in exchange for a decryption key.
Attacks on hospitals to date usually take down one hospital at a time, however. The attack on MedStar appears to have taken down the provider’s entire network at once.
Late last week the FBI issued an advisory asking business and IT security experts to help it track down a new ransomware virus. The MSIL/Samas.A ransomware is possibly the first virus to encrypt data on entire networks rather than one computer at a time.