LockBit shows no remorse for ransomware attack on children's hospital
+63
+5Grrrrrr. Leave Hospitals alone!
"The only problem with troubleshooting is that sometimes trouble shoots back!"
+54Ban them from the use of any hospitals for the rest of their lives
+25Them and Blackcat have publicly stated since US takedowns that they will remove all rules they had previously
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Ransomware gang LockBit is claiming responsibility for an attack on a Chicago children's hospital in an apparent deviation from its previous policy of not targeting nonprofits.
Stooping to new lows, the criminals are reportedly unwilling to reverse the attack on Saint Anthony Hospital, as they had done in previous cases such as Toronto's SickKids hospital.
What's more, it apparently thinks a nonprofit hospital has the funds to pay a $800,000 ransom. Saint Anthony Hospital has not explicitly stated whether it will or won't pay, but with a sum this large it's highly unlikely that it would ever consider paying, let alone have the funds available to do so.
The deadline for payment has been set at 01:41 UTC on February 2. A $1,000 payment would extend the timer for 24 hours, and $800,000 is the price assigned to the data – that goes for both the destruction of it or the purchase of it by other parties.
Saint Anthony Hospital confirmed the attack via a statement published this week, saying files containing patient information had been copied by an unknown attacker. The hospital didn't specify the nature of the stolen data but confirmed no medical or financial records were accessed.
LockBit's intrusion began on December 18 but the hospital's internal investigation didn't conclude patient data was compromised until January 7. In the meantime, it said it took immediate action to secure its network and ensure patient care remained uninterrupted.
"Saint Anthony holds cybersecurity and the privacy of patient information in its care as top priorities," it said [PDF]. "Our prompt response to this event allowed us to continue providing patient care without disruption.
"As part of Saint Anthony's ongoing commitment to data privacy, we are working to review existing policies and procedures and implement additional ones as needed. Saint Anthony promptly reported this incident to the FBI and is cooperating with their investigation. We also reported this incident to appropriate regulators, including the US Department of Health and Human Services."
As the review of the incident progresses, the hospital said it would notify those it believes are impacted by the data theft. Until then, all patients are advised to remain vigilant to identity or financial fraud attempts and sign up for a free year of credit monitoring.
LockBit had in some previous cases shown a degree of restraint when targeting the likes of hospitals and other nonprofits, yet appears to be loosening the shackles on its affiliates, allowing them to target any organization they're able to breach.
In response to an affiliate that attacked Toronto's SickKids hospital last year, LockBit formally apologized, issued a free decryptor, and supposedly booted that affiliate out of its program for violating the rules.
In a post to its leak blog this week, LockBit said: "Always US hospitals put their greedy interest over those of their patients and clients."
We've been unable to get in touch with the spokesperson for the gang to ask about the attack and shift in approach, but the malware collectors at vx-underground were under the impression that LockBit was either ignorant to the fact Saint Anthony was a nonprofit, or simply didn't care.
Full Story