14 DAY TRIAL // Systems belonging to the Northern Lincolnshire and Goole NHS Foundation Trust suffered a major ransomware infection in October which caused operations to be interrupted for no less than four days.
Although it was initially believed that the issue was caused by a malware infection spreading via USB, Pam Clipson, director of strategy and planning at Northern Lincolnshire and Goole NHS Foundation Trust, confirmed that it was all due to ransomware which reached several systems and forced the security department to knock them offline for cleaning.
Ransomware infections usually involve a ransom that organizations need to pay to hackers in order to unlock systems, but Clipson explained that the hospital took systems offline in order to remove the malware themselves.
No data stolen
Patient safety was a priority, the official says, admitting that approximately 2,800 appointments were canceled because the responsible systems weren’t working.
“Any potentially encrypted servers were checked and cleansed both prior to switching off and before returning to ‘live’ status. The majority of our systems were up and running again within 48 hours,” Clipson told Computing, adding that an investigation is now under way, so details as to how the hacker breached the systems cannot be shared.
He did say, however, that a USB infection wasn’t the cause of the ransomware outbreak, as it was initially believed.
“We can confirm that recent publicly reported information alleging that access was gained through a USB stick or due to remote working have no grounding in fact. We can assure our patients and other stakeholders that we acted swiftly to enhance our existing cyber security but in order to maintain security and support the police investigation, we are unable to share specific information at this time on the exact steps we have taken,” he said.
Systems were infected with Globe2 ransomware, and the hospital officials claim that all compromised files were cleaned and systems are now running normally.