“We implement comprehensive IT security protocols and work diligently with our IT security partners to restore IT operations as quickly as possible,” the statement said. “Patient care continues to be delivered safely and effectively.”
NBC News reports that some UHS hospitals have had to fall back on archiving patient information using pen and paper due to the attack. Reddit and Twitter also report UHS facilities redirecting ambulances to other nearby hospitals. “When the attack happened, several antivirus programs were disabled by the attack, and hard drives just lit up with activity,”
A UHS employee told Bleeding computer that they saw files renamed during the attack to include a .ryk extension. This extension is associated with Ryuk ransomware. Like most other ransomware, Ryuk encrypts files to prevent anyone from accessing them until they pay a fee.
If UHS was the victim of a ransomware attack, it would not be the first time that a healthcare provider was the target of a cyber attack. On September 9, Düsseldorf University Hospital in Germany sent a patient to a hospital 19 miles away after hackers compromised their IT systems in a ransomware attack. The patient died while doctors tried to transfer her to the other hospital.