MedStar Still Getting CPU Systems Back Online After Cyber Attack
BALTIMORE (WJZ) -- Computers at MedStar---the region's second-largest healthcare provider---are still not back to normal four days after a cyber attack paralyzed them. It comes as the FBI warns about more dangerous attacks on the horizon.
Investigator Mike Hellgren has more.
The ransomware attack holding MedStar computers hostage for money could be the beginning of a wave of similar computer hacks.
Reuters obtained a copy of a confidential FBI advisory sent just last week---the dire warning from the FBI: "We need your help!"---to fight new types of ransomware called MISL and SAMAS that infect entire computer systems, as opposed to only individual computers.
"They're going to keep reinventing new ways to do the same attack," said Rocky Arocho, Dunbar Security Solutions.
Arocho directs cybersecurity at Dunbar Security Solutions in Hunt Valley, which allowed WJZ access to the 24/7 operations center monitoring threats against clients including utilities and healthcare providers. He spoke of the new threat.
"Once it's in there, it spreads throughout the network and replicates and locks down the entire system," he said.
MedStar says it's making hourly progress and doctors are able to access patient records but there are still problems entering new information and parts of the email system are down.
Ed Kohlepp is a MedStar patient.
"I think it's ridiculous. Geez, you think they would have it fixed or get it done by now," he said.
"Once they're in your system and encrypt your files, there's nothing you can do unless you have proper backup procedures," Arocho said.
The big fear: terrorist groups will successfully exploit computer vulnerabilities---including at nuclear facilities---with devastating results.
"I would be very concerned about a blended attack, one that uses cyber to perhaps soften the target, shut down control systems or security systems, create openings that provide opportunities for physical attackers to then come on site," said cyber defense consultant Perry Pederson.
MedStar insists that no patient information has been compromised.
