Our Facebook Page Our Twitter page Login Sign Up

DCH Hospitals Pays Ransom For Cyber Attack

Written by on October 7, 2019

After this week’s ransomware attack, three DCH hospitals are starting to come back online.  On late Tuesday, a variant of the Ryuk Ransomware struck the IT networks of the DCH Hospitals in Tuscaloosa, Fayette, and Northport.  The hospitals had to start diverting all but the most critical patients to other regional hospitals in Birmingham and elsewhere.  

In a statement published on their website, DCH states that they have obtained a decryption key from the attacker to restore access to locked systems. 

“We have successfully completed test decryption of multiple servers, and we are now executing a sequential plan to decrypt, test and bring systems online one-by-one,” reads the statement. “This will be a deliberate progression that will prioritize primary operating systems and essential functions for emergency care.  DCH has thousands of computer devices in its network, so this process will take time.”

Ransomware is a type of malware from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid.

In most cases of ransomware, it is easier and cheaper for the business or organizations to pay the ransom rather than spend time and resources to restore computer networks. In some cases, the recovery of data would be impossible without the attacker’s decryption key. Most virtual ransom paid to these forms of virtual pirates is paid through Bitcoin or some other form of cryptocurrency.

Unlike other ransomware spreading throughout the internet, the Ryuk ransomware is considered an active form of attack.  Hackers that use Ryuk combine advanced attack techniques with interactive, hands-on hacking to increase their rate of success. Hackers that use this ransomware also target organizations like hospitals, utilities, and municipal governments that require quick access to their networks, which also increases the likelihood that the victim will pay the ransom.

The FBI has been called in and is investigating the origins and the parties responsible for the the ransomware attack on the DCH hospital system.

Topic tags:

Back To Top