Ryuk Ransomware: What Can We Learn From DCH Cyberattack? – E Hacking News
Hackers have profited a lot from the Covid-19 pandemic by targeting health institutions, let us look back and learn from these attacks. For a very long time, cybercriminals have been attacking healthcare institutions, one fine example is the “DCH ransomware” attack. E Hacking News in this article analysis the events of the DCH ransomware incident, and how Alabama healthcare dealt with the attack.
About the attack
Alabama’s DCH health system was hit by a ransomware attack in October 2019. The attack forced DHS to shut down its 3 state units named- Fayette Medical Center, Northport Medical Center, and Tuscaloosa’s DCH Regional Medical Center. Because of the attack, the computer systems in the 3 hospitals stopped working and the hospital staff couldn’t access important files and patient records. DCH took applied emergency measures to deal with the crisis, the hospitals took in critical patients, whereas non-critical cases were transferred off to other health institutions, and only admitted after 10 days.
About DCH Ransomware
Hackers attacked DCH systems using a strain of Ryuk ransomware, the malware used by Wizard Spider, a Russian hacking group. Ryuk uses malicious social engineering techniques and uses phishing attacks to trick users into opening false links. Once opened, the malware deploys itself with the target device. When Ryuk is successfully deployed, it gets into the system codes and stops the device from functioning. It is followed by encryption and the last step is demanding ransom.
Aftermaths of the Ransomware Attack
DCH couldn’t continue it’s healthcare services for 10 days due to the partial disruption caused by the ransomware. Four patients filed a lawsuit against DCH for violating “information privacy law” and affecting their medical treatment during the ransomware attack. The lawsuit stated, “because of the ransomware attack, plaintiffs and class members had their medical care and treatment, as well as their daily lives, disrupted.” “As a consequence of the ransomware locking down the medical records of plaintiffs and class members, plaintiffs and the class members had to forego medical care and treatment or had to seek alternative care and treatment.”