In the early morning hours of June 28, the Wickenburg Community Hospital computer network was victim to a ransomware attack, according to President and CEO Jim Tavary.
He explained, “Essentially, data on the network was encrypted in such a way that it was not recoverable by the hospital.”
Per industry recommendations, Hospital Chief Information Officer Blue Beckham notified local law enforcement and the Federal Bureau of Investigation. According to the FBI Cyber Division, more than 100 similar attacks have been reported across the nation and seem to focus on mid-sized businesses and municipalities. The most notable was the NY Times.
“Hospital employees did a stellar job of responding to the cyber attack and did everything possible to return core systems to functionality, protect patient information, and partner with law enforcement agencies including the FBI,” Tavary said. “We have no indication or evidence to suggest any patient data was compromised.”
The cyber-attack affected hospital and clinic phone systems, allowing outbound calls but not inbound calls and, shared files were not accessible.
According to information provided by the FBI, suspected Ryuk ransomware encrypts files on network shares and an infected computer’s file system. Once a system is compromised, the attacker encrypts all the network’s files and demands a ransom to be paid in cryptocurrency. “
Generally speaking, the key to decrypt is never given, and the likely ransom fee would be in the range of $170,000 to $560,000, depending on the current exchange rate between bitcoin and US dollars,” said Beckham. The hospital did not make contact with the attacker nor pay a ransom. Instead, the hospital chose to dispatch a technical team and work with its service partners to sanitize the servers and network storage to restore core systems.