FBI Investigating Computer Virus That Locked MedStar Systems — Ransomware Attacks On Hospitals Increasing

A computer virus locked MedStar Health Inc. systems and denied access to its medical staff. The suspected “ransomware” attack is being investigated by the Federal Bureau of Investigation (FBI). The computers remained down for the second day in a row, but the management insists that the systems have been deliberately powered down to prevent the computer virus from spreading and causing more harm.

The FBI is investigating a computer security breach that Medstar Health reportedly suffered because of a virus attack. The computer virus shut down major portions of its IT operations and locked out employees. Medstar’s medical professionals, who depend on the digitally maintained patient records, claimed they were unable to access or update the records, putting many lives at risk and pending medical procedures in jeopardy.

@WTOP @AP all systems are down! pic.twitter.com/vR3WMm4CZZ

— Black_King (@MustangLife66) March 28, 2016

MedStar Health is one of the biggest non-profit medical service providers in the U.S. capital region. It has 10 hospitals in the Washington, D.C., area and Maryland including MedStar Georgetown University Hospital. In addition to the hospitals, MedStar runs about 250 outpatient facilities. Needless to say, having continuous access to digitally maintained patient records is critical to the smooth functioning of the health centers.

Despite falling prey to an access denial computer virus, none of the hospitals stopped working and remained open and functioning, shared MedStar spokeswoman Ann Nickels,

“I do not know when the systems would be restored or the type of virus involved, but significant progress toward restoring functionality of our clinical systems has been made. Medical services continue.”

Without access to digital records, the professionals are relying on traditional techniques like physical notes. Such primitive techniques have been significantly delaying the scheduling of medical procedures. It is believed some of the patients at the MedStar Washington Hospital Center were asked to reschedule non-emergency appointments. When asked if elective procedures would be performed, Nickels said that would be determined “case by case,” reported Yahoo.

https://www.facebook.com/MedStarHealth/posts/10153623370699397

The virus attack was noticed on Monday, when some users complained about being locked out of the system. The non-profit updated its Facebook page saying its computer network had been infected by a virus that prevented some users from logging into the system early that day. Speaking about the incident, officials working with the FBI to remedy the situation said,

“MedStar acted quickly with a decision to take down all system interfaces to prevent the virus from spreading throughout the organization. We are working with our IT and Cyber-security partners to fully assess and address the situation.”

The health care organization confirmed it was pretty sure no information or sensitive patient records have yet been stolen or accessed. However, “the organization has moved to back-up systems paper transactions where necessary.” In other words, the entire establishment is now relying on handwritten notes. Majority of the patient records still remained inaccessible for two days in a row. However, by Tuesday, medical professionals were able to view some of the records. Still, it wasn’t possible to create new patient information. Such notations were still entered by hand, shared Nickels.

Networks temporarily shut down. We have no evidence of stolen information, and continue to assess the situation. All facilities remain open.

— MedStar Georgetown (@MedStarGUH) March 28, 2016

It is believed that MedStar may have been the latest victim of “Ransomware”. The malicious software, increasingly being used against hospitals, locks files under a strong shroud of encryption. The hackers usually establish contact with their victims and demand a “ransom” to unlock the files and handover the access of the system back to the organization. Usually the pay-off under such standoffs is in difficult-to-trace digital currency, such as bitcoins.

Such ransomware attacks are on the rise. While any organization that suffers an attack is advised against paying the ransom, some do. Last month, Hollywood Presbyterian Hospital in Los Angeles agreed to pay $17,000 to regain access to patient data. The hackers had initially demanded $3.6 million, but it appears the hospital was able to bring down the amount.

[Photo by John Moore/Getty Images]