computer systems remained offline, it is still providing patient care. The hospital’s emergency and urgent care departments are open and are fully operational. Most scheduled elective procedures will proceed as scheduled. Right now, while the investigation is only in its early stages, there is no proof that shows patient data was compromised.
The St. Lawrence Health System ransomware attack was identified a couple of hours following the initial compromise. A statement given by St. Lawrence Health System mentioned that the IT department took down its systems to try to restrict the attack and stop the passing on of the ransomware to the whole system.
As per the report, there were three St. Lawrence Health System hospitals impacted by the ransomware attack. These were Massena Hospital, Gouverneur Hospital, and Canton-Potsdam Hospital.. As a preventive measure, the ambulances were rerouted to other hospitals to give the patients proper healthcare services.
Similar to the Sky Lakes Medical Center ransomware attack, there is no proof of patient data compromise observed, although there are previous records that identified the Ryuk ransomware gang as exfiltrating patient data prior to file encryption.
CISA, the FBI, and the HHS’ Department of Health and Human Services released a joint notification last week to warn hospitals and public health organizations concerning the growing targeted Ryuk ransomware attacks. According to some evidence, the number of attacks on hospitals and other healthcare institutions will continue to escalate.
Healthcare companies are given instructions to do something and protect their networks from ransomware attacks. There are indicators of compromise and mitigation measures published to assist healthcare organizations in blocking attacks and recognizing ongoing attacks.