Hackers Hit Baltimore Yet Again – Ransomware Temporarily Freezes Systems at Major Medical Center

Less than two weeks after an attack on Baltimore County Public Schools, one of the city’s major medical centers has been struck by the same type of malware – ransomware.

Officials at the Greater Baltimore Medical Center said phone lines of some of GBMC’s doctors were down and access to patients’ medical portals were blocked following the attack, according to local station WBAL-TV 11.

In a press release December 6, the healthcare system confirmed it was confronted with a ransomware infection that “impacted information technology systems,” taking some of them offline and freezing some operations temporarily.

“Although many of our systems are down, GBMC HealthCare has robust processes in place to maintain safe and effective patient care. We are collectively responding in accordance with our well-planned process and policies for this type of event,” the center said.

The hospital said it doesn’t believe any patient information has been compromised.

“There is no evidence at this time that any patient information has been misused. We are working with outside experts and law enforcement. Our investigation is in its early stages. We will provide more information as we can,” GBMC said.

Recently, such attacks have been backed by leaks meant to coerce victims into paying ransom. A lack of evidence that data has been copied doesn’t mean it hasn’t happened.

According to the 11 News report, the attackers “may” have sent a notice through a fax machine, with the note obtained by the station reportedly saying that “facility and computers and servers are locked and private data has been downloaded.”

You can also check if your private data has been exposed online! Use Bitdefender’s Digital Identity Protection tool to see where you stand at the moment and what the internet knows about you.

It’s also not uncommon for threat actors to throw around empty words, but it remains to be seen if this is indeed the case.

The announcement names no particular ransomware strain or gang taking credit for the attack. However, the Baltimore County Board of Education – similarly hit at the end of November – and GBMC are said to be less than a mile apart and on the same street.

GBMC also informed patients that some procedures scheduled for Monday, December 7 may be affected.

“All patient’s [sic] whose procedures may be rescheduled have already been contacted,” the center said.

Ransomware operators seem to have an affinity for Baltimore. In May 2019, the city had its servers compromised by a variant of ransomware called RobbinHood. Following that attack, officials devoted a surplus of $10 million toward an emergency ransomware response in the city, after the city refused to pay $80,000 to the attackers.