Ransomware attacks force US and Australian hospitals to shut down their systems

The affected hospitals are turning away new patients and cancelling elective surgeries

Ransomware attacks have crippled services in many hospitals in the US and Australia, forcing them to shut down their systems and even cancel elective surgeries.

A joint press release by the DCH Regional Medical Center, Fayette Medical Center and Northport Medical Center in West Alabama said that they were unable to fully access their computing systems and are now closed to all new patients except the most critical ones.

The patients who were already admitted have still been receiving care from staff, and there are currently no plans to transfer such patients to other hospitals.

The affected hospitals have implemented emergency procedures to ensure that important surgeries are performed as per schedule, despite the unavailability of IT systems.

The three medical centres affected in Alabama are part of the DCH Health System, a government subdivision that operates a public-owned healthcare system in the USA.

In Australia, many hospitals and health facilities in Gippsland and southwest Victoria region had also lost access to some of their IT systems on Monday, due to new ransomware attacks. The attacks affected patient records and management systems, making doctors unable to access patients' clinical records and so forcing them to cancel surgeries.

The affected hospitals include six facilities in the West Gippsland Healthcare Group and 12 hospitals in the South West Alliance of Rural Health.

According to various reports, the attackers circumvented security controls installed by hospitals, forcing them to shut down various systems, leading to cancellation of appointments and elective surgeries.

'Hospitals have isolated and disconnected a number of systems, such as internet, to quarantine the infection,' the Victoria government said in a statement.

In the meantime, some hospitals have reverted to manual systems to maintain services.

No information is currently available about the hacking group behind the attacks or what ransom has been demanded by the attackers from hospitals.

Security experts are trying to determine if the attacks in the US and Australia are linked.

Earlier this week, a report by security firm Emisoft claimed that serious ransomware attacks have affected a total of 621 public-sector organisations in the US so far in 2019.

These attacks include at least 68 state, county and municipal entities, including a Ryuk outbreak in Lake City involving a $460,000 ransom demand - paid for via an insurance policy.

The RobbinHood ransomware hit the city of Baltimore, costing $18.2 million to recover from after officials refused to pay the $76,000 ransom.