The LockBit ransomware group apologized for the attack on the Hospital for Sick Children (SickKids) and also released a free decryptor to the victims.
The group allows its affiliates to encrypt pharmaceutical companies, dentists, and plastic surgeons, however, it prohibits its affiliates from encrypting “medical institutions” where attacks could lead to death of individuals.
The gang explained that one of its partners has attacked SickKids by violating its rules and so they have blocked the affiliate.
The decryptor released by the group claims to be a Linux/VMware ESXi decryptor.
SickKids, the Canadian largest pediatric health center, is a teaching and research hospital in Toronto that focuses on providing healthcare to sick children.
The attack impacted internal and corporate systems, hospital phone lines, and the website. But according to the healthcare organization, it did not impact the patient care.
While the attack only encrypted a few systems, SickKids stated that the incident caused delays in receiving lab and imaging results and resulted in longer patient wait times. The hospital took several days to contain the ransomware attack.
On 29th December, SickKids announced that it had restored 50% of its priority systems, including those causing diagnostic or treatment delays.
Two days after SickKids’ announcement, the LockBit ransomware gang apologized for the attack on the hospital and released a decryptor for free.
The LockBit operation runs as a Ransomware-as-a-Service, where the operators maintain the encryptors and websites, and the operation’s affiliates, or members, breach victims’ networks, steal data, and encrypt devices.
Affiliates of the Lockbit gang have already hit healthcare organizations in the past, in early December, the Hospital Centre of Versailles was hit by a cyber-attack that was attributed to the group.
Image Credit : The Record
The post Ransomware gang apologizes for ransomware attack on Children’s hospital first appeared on Cybersafe News.