New York and Oregon Hospitals Hit by Ransomware as FBI Warns of Imminent Attacks on US Healthcare

US hospitals have come under a new wave of ransomware attacks that has interrupted healthcare operations at facilities in New York and Oregon.

Earlier this week, St. Lawrence Health System hospitals in New York and Sky Lakes Medical Center in Oregon confirmed a ransomware attack forced the health systems to disconnect and shutdown their systems.

The center issued a statement on Wednesday:

“Earlier today, Sky Lakes Medical Center was the victim of a ransomware attack on its computer systems. The entire Sky Lakes team is working to counter this attack, and we will keep you updated on the ongoing details of our efforts to return business back to normal,” a news bulletin reads.

Meanwhile, the Sky Lakes Medical CenterSky Lakes Medical Center says computer systems at the Canton-Potsdam, Massena and Gouverneur hospitals were attacked by ransomware on Tuesday morning.

“The Health System”s Information Systems (IS) department disconnected all systems and shut down the affected network to prevent further propagation,” the New York-based healthcare provider said. “These locations are utilizing their established back-up processes including offline documentation methods. Patient care continues to be delivered safely and effectively.”

Although many ransomware gangs are known to exfiltrate data before encrypting files, the two medical facilities state that they have found no evidence that indicates patient or employee information was compromised.

Despite downtimes and technical limitations, administrators say that emergency and urgent care remains available to patients.

“Please be patient,” added. “We are working to ensure all medical needs are taken care of during this time. Sky Lakes is open and, as always, Sky Lakes is safe and is here to care for you.”

Sky Lakes and St. Lawrence have yet to say what type of ransomware infected them. However, on October 28, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) published a joint alert warning of “imminent” ransomware attacks targeting the US healthcare industry.

The alert provides details on Trickbot and Ryuk ransomware operators” activity and instructs healthcare organizations on best practices and mitigations steps.