BALTIMORE (WJZ) — Computers at MedStar—the region’s second-largest healthcare provider—are still not back to normal four days after a cyber attack paralyzed them. It comes as the FBI warns about more dangerous attacks on the horizon.
Investigator Mike Hellgren has more.READ MORE: A Baltimore County Woman Pushed To Find Her Childhood Friend’s Killer For 40 Years; How New DNA Evidence Finally Cracked The Case
The ransomware attack holding MedStar computers hostage for money could be the beginning of a wave of similar computer hacks.
Reuters obtained a copy of a confidential FBI advisory sent just last week—the dire warning from the FBI: “We need your help!”—to fight new types of ransomware called MISL and SAMAS that infect entire computer systems, as opposed to only individual computers.
“They’re going to keep reinventing new ways to do the same attack,” said Rocky Arocho, Dunbar Security Solutions.
Arocho directs cybersecurity at Dunbar Security Solutions in Hunt Valley, which allowed WJZ access to the 24/7 operations center monitoring threats against clients including utilities and healthcare providers. He spoke of the new threat.
“Once it’s in there, it spreads throughout the network and replicates and locks down the entire system,” he said.READ MORE: Student Hospitalized, Another In Custody After Franklin High School Fight
MedStar says it’s making hourly progress and doctors are able to access patient records but there are still problems entering new information and parts of the email system are down.
Ed Kohlepp is a MedStar patient.
“I think it’s ridiculous. Geez, you think they would have it fixed or get it done by now,” he said.
“Once they’re in your system and encrypt your files, there’s nothing you can do unless you have proper backup procedures,” Arocho said.
The big fear: terrorist groups will successfully exploit computer vulnerabilities—including at nuclear facilities—with devastating results.
“I would be very concerned about a blended attack, one that uses cyber to perhaps soften the target, shut down control systems or security systems, create openings that provide opportunities for physical attackers to then come on site,” said cyber defense consultant Perry Pederson.MORE NEWS: Baltimore Man, 62, Charged In Murder Of Evelyn Player
MedStar insists that no patient information has been compromised.