Alabama Hospital Pays Off Scammers Behind Ransomware Attack

The Alabama-based DCH Health System has reportedly paid off hackers that took three local hospitals computer systems hostage using ransomware. One cybersecurity expert called such payouts “the fuel that drives ransomware attacks.” Gizmodo reports that the Alabama-based DCH Health System has paid off hackers responsible for a ransomware attack that took the computer systems of three local hospitals hostage recently. Ransomware attacks are designed to encrypt hard drives and lock individuals out of their computer until they pay a ransom, usually sent via cryptocurrency, to the attacker. Seven hospitals in Australia were also affected by the cyber attack. Medical staff at hospitals in Tuscaloosa, Northport, and Fayette were forced to switch to a manual paper patient in order to track patient data while they were locked out of their systems. All of the hospitals diverted “all but the most critical new patients” to other health care centers in the area. DCH officials still haven’t revealed how much was paid to the scammers but system spokesman Brad Fisher stated on Saturday morning that the company had teams working to undo the damage caused by the ransomware and that no patient data had been compromised. Fisher told the Tuscaloosa News : We worked with law enforcement and IT security experts to assess all options in executing the solution we felt was in the best interests of our patients and in alignment with our health system’s mission. This included purchasing a decryption key from the attackers to expedite system recovery and help ensure patient safety. For ongoing security reasons, we will be keeping confidential specific details about the investigation and our coordination with the attacker. A statement on the DCH website said that the company was working with law enforcement and IT teams and had already begun “using our own DCH backup files to rebuild certain system components, and we have obtained a decryption key from the attacker to restore access to locked systems.” In the meantime, DCH will continue to direct patients to other health care centers as the system recovery will “require a time-intensive process to complete, as we will continue testing and confirming secure operations as we go.”