Large Pennsylvania health care company hit by malware attack

The computer network at a Fortune 500 health care services company went down as a result of a malware attack over the weekend, experts say.

The Pennsylvania-based Universal Health Services (UHS) issued a statement on Tuesday saying its facilities are “currently offline,” but it only identified the attack as a “security incident caused by malware.”

The attack occurred early Sunday morning. UHS subsequently shut down all of its networks across the U.S.

Experts see it as yet another malware attack among many hitting schools and health care providers. So far this year, a total of 53 health care providers and health care systems in the U.S. have been hit with ransomware, impacting care at up to 503 individual hospitals and medical clinics, according to cybersecurity firm Emsisoft.

HACKERS ATTACK NEVADA SCHOOL DISTRICT, PUBLISH SOCIAL SECURITY NUMBERS ONLINE

“Reports coming from [UHS] employees show all the signs of a ransomware attack,” Brett Callow, a Threat Analyst at Emsisoft, told Fox News.

(Thomas Trutschel/Photothek via Getty Images)

The reports Callow is referring to are from Reddit thread, where UHS employees have been discussing the attack.

An employee told cybersecurity news site Bleeping Computer that, during the cyberattack, files were being renamed to include the “.ryk” extension, used by Ryuk ransomware.

“Employees were also told to shut down all systems to block the attackers from reaching all devices on the network,” the Bleeping Computer report said.

RANSOMWARE ATTACK RESULTS IN DEATH AT GERMAN HOSPITAL

Fox News has reached out to UHS for comment.

In a textbook ransomware attack, the attacker locks critical files and then provides instructions on how to unlock the files — provided that the victim pays. Increasingly, ransomware gangs have been publishing sensitive data if the victim doesn’t pay.

Attacks on health care providers and hospitals can have devastating consequences as patients are diverted to other hospitals and critical patient data becomes inaccessible.

After a Sept. 9 ransomware attack at Düsseldorf University Hospital in Germany, a patient had to be directed to another hospital and died as a result of the delay.

RANSOMWARE JUMPS IN SEPTEMBER AS SCHOOLS BECOME PRIMARY TARGET

“The threat I worry most about is a ransomware attack on an overloaded hospital caring for COVID-19 patients … thereby putting frail patient lives and the community at risk,” John Riggi, senior advisor for Cybersecurity and Risk at the American Hospital Association wrote recently.

Because hospitals cannot afford downtime, they are an attractive target for ransomware gangs, Emsisoft’s Callow said.

“The criminals probably believe that hospitals will be more likely than other organizations to pay and to pay quickly in order to restore critical services,” Callow explained.

CLICK HERE TO GET THE FOX NEWS APP

Also, particularly in the U.S., due to the high cost of health care, providers are perceived by ransomware gangs as financially capable of paying large ransoms and making them attractive targets, Sam Roguine, a ransomware expert at Arcserve, told Fox News.

Go To The Source